98-349 Microsoft Windows Operating System Fundamentals – Extra Lectures
- NTFS and permissions
Shares and permissions. When you think about a folder that you want to create on a server and share it with all your users, there are two things that you have to do. First you need to you have to share a folder and then apply something that is called NTFS permissions. When you check on our screen, you will see that we have shared permissions. And there are three permissions that you can go for full control, change and read to make it pretty easy for you. Read only, access change I can change modify things and full control. Yes, I own displays and NTFS permissions. It’s not a full list, but the main permissions you can go for. Again, full control. I can change whatever I want.
Modify, read everything is pretty easy. There is one thing that everybody asks for modify underwrite. There is a link and you can see this piece of information on your screen at the moment as well. To clarify the main difference between modify underwrite, it’s a more advanced topic, but I recommend you play with these permissions later on and figure out how they work. It makes sense to connect to a server and show you what I mean. I am connected to my server if I create a new folder, let’s call it Test. I right click and go to Properties. You will see a lot of tabs over here. One of them is sharing.
Let’s go there straight away. And I recommend you go for Advanced Sharing because when you click here this is a simplified solution. I don’t recommend using this one. I recommend you go for Advanced Sharing because when you share this folder and go for permissions, you will see full control, change and read. A lot of people go for all over here and lock it down using NTFS permissions. Let’s click OK. And security means NTFS permissions. When I edit, I can see users have some permissions in place and of course I can modify. Please note that you can go for Allow and deny. Deny is not recommended because you can break a lot of things. If you go for deny, you should always use Allow if possible. Over here we can add a user or a group. It’s recommended to use a group. You should never apply anything to a user directly. You should always use a group.
But here, later on in our lab we will use a group. We’ll create a group. But here I will just go for Mike. Do you remember our test user? I have a test user like this over here as well, but his name is Mike Holland. That’s fine. Click OK. And now when you think about Mike Holland, you can see a lot of options that you can go for. There are some options that Windows is trying to suggest oh, it makes sense to Allow, read, lists and so on. But you can say no, modify or even full control. You want to make sure that Mike can do whatever he wants. There are more options. If you go for advanced, you will see permissions, share, auditing and effective access. We’ll talk about effective access when we finish our lab, so I will leave it. You can disable inheritance as well by default.
Windows will suggest and use the following principle if you create a folder and then you create a file, it makes sense to take permissions and everything from a folder that you’re in. You can disable this feature. Please be very careful when you play with all these things because with one click you can disable something that you didn’t want and a lot of users will be upset and your phone will start ringing. Yes, I’ve seen it a lot of times. I hope you understand the main difference between Shares and NTFS permissions. Once again, if we go to Properties, you will see Sharing and security. Sharing we want to share. Please note that a network path will be created for you straight away. You can send it to a user, but we’ll map a drive later on to make it much easier for an end user and security. Over here it is NTFS permissions. You can be very specific what a user can do and what a user cannot do when it comes to this folder and all files that are inside the previous versions. A really nice feature that you can enable as well and take advantage of something that is called VSS shadow copies.
When you enable shadow copies, first of all, it’s much easier to make a backup because Windows can make a backup of files that are in use. What’s more, you can use previous versions to allow a user to go back in time and recover a file that he has just deleted or he has just changed modified previous versions. A really nice feature, a more advanced option, but pretty popular when it comes to service and file storage and so on. One more thing that I want to show you is groups and group scopes. When we go to Active Directory and we create a new group, I am on my server.
So you can recognize more roles and more options. So don’t worry, we will have a lab and we will start from scratch on our own server. And please note, when we create a new group, we have a group name and then we have group scopes and group types. Group Type security we want to create a security group if we want to apply permissions, NTFS permissions and we want to say that Mike should be a member of this group and he should be allowed to access a file. Distribution groups are used for emails. If you want to group users and then send an email to a group of users, group Scopes it’s a more advanced topic.
However, I want to show you a slide and tell you that there are three group scopes universal, global and domain local. Universal means that I can have accounts from accounts from any domains. And this is really important. If you have more than one domain, more than one site, then you want to make sure that you create a user or a group that will belong to a group that you can apply permissions to. Please note that by default it will go for global. But of course you can change your mind here for our lab, just leave it as it is. It doesn’t matter.
Later on when you create, for instance, two sites, two domains, you can go back to the slide and think if a group that you want to create should be maybe universal because want to include a user from another domain, please remember that we want to cover all the basics and then move to more advanced topics. I think we’re ready to go to our server and configure some permissions now.
- Cortana… Let’s Have a Chat!
Let’s ask some interesting questions. Yes, I know Kotana is your assistant. It can schedule an appointment, send an email, open an application for you. But Microsoft implemented some really cool answers to popular or questions. You can do the same on an Apple and Google device. Here, I show you a few examples. Hi. Hello there. Do you like apple? The new headquarters? Looks kind of like a halo. I’m into it. Okay. What’s better, windows or apple? Do you like iPhone? Personally microsoft Windows. But siri seems to like it. Okay, who is your father? Technically speaking, that would be Bill Gates. No big deal. And here is my favorite one. Do you like dogs? I like good dogs. Who’s a good dog? Who’s a good doggie? Oh, that’s a good little fuzzy face. Aunt. Here. You can ask ColtonA. Sing me a song. Row, row, row your boat gently down the stream.
Merry, merrily, merrily, merrily life is but a dream sing me a song. Oh, give me a home where the buffalo roam weather deer and the antelope play where seldom is heard okay, tell me a joke. How many surrealists does it take to screw in a light bulb? A fish. Okay. What’s the best tablet? In a sea of tablets there is one that rises to the surface. What’s better, Xbox or PlayStation One? Xbox One. What are you wearing? Just a little something I picked up in engineering. Are you clever? Well, I’m good with facts. Like, I can tell you who’s the coolest person in the world is. Okay. And of course you can keep playing and try and find some interesting and unique questions and answers. It’s really cool. Of course. I know, I know. Called Hana was designed to schedule appointments and help you with everyday tasks. But it’s really cool you can ask ask these questions. And here is the last one I want to show you. I don’t like you. Ouch. See you in our next lecture.
- Remote Access Tools – RDP, VNC…
Remote tools. We’ve been talking a lot about port forwarding, VPNs, remote connections and so on. Now I want to spend a few minutes talking about tools that you can use when you want to connect to a device remotely. So you have seen RDP already. Do you remember we used RDP remote Desktop Protocol, remote Desktop Connection when we talked about port forwarding? Now I want to focus on tools that you can use that are very similar to RDP but there are some advantages. The first one is Team Viewer. Team Viewer allows you to connect to a device that is behind a route of firewall.
Do you remember our discussion about local area networks? That you cannot connect a device directly? Right? You need port forwarding, you need VPN. So on here, Team Viewer allows you to innovate, bypass these firewalls routers and network devices because you put Team Viewer on, let’s say a local PC and then you go out, you want to check something on that PC. You open Team Viewer and then you can connect because your laptop and your, let’s say, mobile phone, they both go through a Team Viewer server that is, let’s say, located in the USA. So yeah, there is a free version of Team Viewer as well. You can give it a go. It’s the easiest way to start with a remote tool. Now, for local area networks there are two main options it’s Radmin and VNC. Yeah, they’re paid.
Radmin is, in my opinion, a bit faster. Rear VNC is really good as well. You can try both. And there is a free version of VNC because VNC is actually a protocol. Okay? And rear VNC is an application and there is tight VNC, which is for free. And this is what I am going to show you now because I have Server and one more PC I want to connect to these two guys, configure VNC and show you how it works. The idea is to put VNC Server on one device and then you use VNC Viewer on the other device. So on this guy we just yeah, that’s fine. Let’s go for server and Viewer.
That’s okay. Click next here. It’s really important to run it as a system service and that’s it. When you’re done, you will have to specify a password you want to use to authenticate. Here we go. For set password we specify what we are after and then we take another PC. In our local area network we use VNC Viewer. We type an IP address or name. I have to type this IP address using VNC Viewer and then I can connect. Please remember it is for your local area network. Yeah, they have to be in a way directly connected, connected to a switch. They have to see each other. Team Viewer can be used, for instance, if you’re behind a firewall, rotate or somewhere else, it doesn’t matter, you can connect.
- Applications you Should Know
There is a really cool application that you can use to find a network device that is that you’re after. So for instance, you have a printer and you have no idea what the IP address is. Of course you can just keep typing all IP addresses in Firefox, but it will take forever. So you can use an IP scanner and I recommend this tool. It is for free. You have this link on your web on your screen at the moment. Please feel free to download this tool and it will recognize your IP range. And all you have to do is click Start. It will try and ping. Do you know Ping? It will try and ask every single IP address in your local error network. Are you alive? Are you alive?
Because this is what Ping does every time it asks are you alive? Are you alive? If a device is alive, you can see it here in blue. And then you can try and identify this device to try and specify a host name. I just want to tell you this host name. So here you can see a printer. It’s really easy. Here, it’s my server, one more server, a laptop and so on. Sometimes it cannot identify a device that’s fine, but the good thing is you can right click and here you can open this IP address in your web browser straight away. So it means you don’t have to type it. Internet Explorer firefox. You can just right click and open this IP address straight away. A really cool application that I recommend you try out.