GuidesBacking Up Data -- Permissions Intact

Backing Up Data — Permissions Intact

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Jason Zandri

Using NTBACKUP to copy data to an alternate location and preserve
NTFS permissions

Jason Zandri’s latest tutorial discusses how to use NTBACKUP to copy data to an alternate location and preserve NTFS permissions. The article explains how to back up data with all of the permissions intact and how to perform a restore.

[NOTES FROM THE FIELD] – Before we begin, the key thing that I
want to stress on this HOW TO tutorial is that while it will explain how to back up data with all of the permissions intact and how to perform a restore, the
one thing to remember is that in the situation where you restore to another
system, only the domain accounts are going to hold their permissions and rights
to the data entirely intact. The local accounts, if any, that were assigned
rights to the data on the original domain member are going to be unknown
to another domain member and those local accounts from the original system will
not be able to access the data properly, if at all.

NTFS is the preferred file system for all computers running Windows 2000 and XP
Professional. This version of NTFS is called NTFS 5.

If you are running Windows NT 4.0 Service Pack 4 or later, you can read basic volumes
formatted by using NTFS 5 locally on dual boot systems. Windows 2000 and Windows
XP Professional can read NTFS 5 on both basic and dynamic volumes.

[NOTES FROM THE FIELD] – Computers systems accessing either version of NTFS across networks are not
affected. Version differences are usually only considered in local or dual boot

The following NTFS features are available in version 5;

  • File and Folder Permissions
  • Encryption
  • Disk Quotas
  • File Compression
  • Mounted Drives
  • Hard Links
  • Distributed Link Tracking
  • Sparse Files
  • Multiple Data Streams
  • POSIX Compliance
  • NTFS Change Journal
  • Indexing Service

File and Folder Permissions Under NTFS

In short, File and Folder Permissions under NTFS are designed to allow
administrators and data owners to set a level of access (or prevent one) to
the data in question.

The Principal of Least Privilege is where users are given only the minimum level
of permissions to the network resources needed to perform their given job
function and nothing higher.

Using NTFS you can set permissions down to the file level, where under FAT16 or
FAT32 this security is limited to shares only and has no effect when logging on
interactively (locally on the system).

Some key points to remember are:

  • Creator Owners are assigned the Full Control permission
    to the data and objects that they create.
  • Partitions and volumes originally formatted with
    NTFS are automatically configured to assign the Full Control permission to the
    Everyone group at the root of the drive by default.
  • FAT16 and/or FAT32 partitions that are converted to NTFS
    are designed to assign the Full Control permissions to the Everyone group on
    all resources on that volume by default.

There are two types of permissions within the NT file system: Explicit permissions are the type specifically set on a given
object; and inherited permissions are those gained from a parent container,
such as a parent folder or organizational unit. The default behavior of the NT
file system is to allow inheritance to child objects (folder, file or active
directory object), from the parent folder or container.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories