File and folder permissions
NTFS permissions are always evaluated when a file is accessed. On NTFS and ReFS volumes, you can set security permissions on files and folders to grant or deny access to the files and folders. Because Windows Server 2012 R2 adds new layers of security, NTFS permissions now encompass the following:
? Basic permissions
? Claims-based permissions
? Special permissions
You can view NTFS permissions for files and folders by following these steps:
1. In File Explorer, press and hold or right-click the file or folder with which you want to work, and then tap or click Properties. In the Properties dialog box, tap or click the Security tab.
2. In the Group Or User Names list, select the user, computer, or group whose permissions you want to view. If the permissions are not available (dimmed), the permissions are inherited from a parent object.
Shared folders have both share permissions and NTFS permissions. You can view the underlying NTFS permissions for shared folders by following these steps:
1. In Server Manager, the Shares subnode of the File And Storage Services node shows existing shares for file servers that have been added for management.
2. Press and hold or right-click the folder with which you want to work, and then tap or click Properties to display a Properties dialog box.
3. When you tap or click Permissions in the left pane, the current share permissions and NTFS permissions are shown in the main pane.
4. To get more information, tap or click Customize Permissions to open the Advanced Security Settings dialog box.
On file servers running Windows Server 2012 R2, you can also use central access policies to precisely define the specific attributes that users and devices must have to access resources.