Congratulations to our August Reader Challenge winners! Dick Campbell of Danvers, Massachusetts, wins first prize, a copy of "Admin911:Windows 2000 Registry." Ian Rosenfeld of Rye, New York, wins second prize, a copy of "Admin911: Windows 2000 Group Policy."
I heard from a reader who works in the market research department of a large company. The five people who work in the department frequently exchange document files, sometimes for the purpose of editing and sometimes because one user asks, "Can I borrow your report on the frazzle for my report on the doohickey?" Each user creates folders for current projects and shares the folders, so accessing all the users' documents is easy. (This team spirit is commendable.) The department's computers are running either Windows XP or Windows 2000 and are members of a Win2K domain. Every computer runs NTFS.
The reader who wrote to me said that she received an email message from another department member, who said, "Open the frazzle.doc file you transferred to my Project6 folder, look at the nifty stuff I added to it, and make corrections." When the reader tried to open the document, she received an error message telling her that she didn't have permission to access the file. NTFS permissions can be tricky when you move objects around.
How much do you know about the way NTFS permissions work? Indicate either true or false for each of the following statements:
1. When you move an object to a different volume, the object's permissions are inherited from the new parent object, and the original permissions are ignored.
2. If you move an object to a different folder on the same volume, the original permissions are retained, even if the new parent object's permissions are different.
3. The Everyone group has Full Control permissions on the root of an NTFS drive.
4. Deny permissions have precedence over Allow permissions.
5. Explicitly set permissions have precedence over permissions that the parent object grants.
6. If a user's group permissions conflict with her individual user permissions, NTFS grants the most liberal permissions.
All the statements are true.
You can preserve permissions when you copy or move files and folders by using Xcopy.exe with the /O switch, which tells Xcopy to copy owenership and ACL information.
You can change the way NTFS manages permissions when you copy a file or folder to another volume by editing the registry. In regedit, go to the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer subkey. Create a subkey of type REG_DWORD named ForceCopyAclwithFile and give it a data value of 1. Hereafter, when you copy or move a file or folder to another volume, the permissions will stay with the file or folder.