Central File Server: How to set permissions using Access Control Lists (ACLs)

File permissions can be altered using access control lists (ACLs) in Windows.

Note: Using a Windows computer to delegate permissions to another user at this time there is no solution for setting these permissions using the Macintosh or Unix operating systems.

To set permissions from your Windows computer, follow the proceeding steps:

1. Click on the Start button, and pull up to Run...

2. Create a new folder to be shared, and then open the folder. Right-click on white space within the window that appears and select Properties.

3. In the Properties window click on the Security tab.

4. To add the people you are collaborating with, click on the Add button.

5. A new window will appear. In the lower text box, type in the following for all the people (separating each entry with a comma) you want to give access to your shared folder: "PRINCETON\netID" (where netID is the first half of that person's e-mail address)

6. Click on Add.

7. Select each user and provide them with the appropriate access level to your shared folder (Full Control for yourself, Read for those who need to read the contents of the folder, and Write for anyone who will be saving stuff to your shared folder) in the Permissions window.

8. Click on OK to close the Permissions window and then OK again to close the Properties window. You have now successfully secured your open share.

Important Note: The access control lists you create on your Windows computer are respected on the Unix side. The caveat is that the Unix permissions list will not reflect *exactly* what you have designated on the Windows side.

For example, if you allow another netID read, write and execute permission for a file using the Windows permissions method, Unix will reflect that as 777 permission (or global access) when this is not true.

Please note that if you change the permissions from a Unix command line interface, the Windows access control list will be overwritten.