Title: windows101
Subject: More notes on windows

#####################################################
For you cheat sheet:
  share + NTFS = most restrictive permission wins
  NTFS + NTFS = least restrictive permission wins
  share + share = least restrictive permission wins.

Local perms are based on the file system security (e.g NTFS or FAT).
Network Share perms are based on file-sharing security.

When accessing a file over the network, the most restrictive between Local (NTFS) and Network (Share) perms wins.  
Example1:
If local NTFS folder allows Everyone group Full Control, and Network Share perms only list the Sales group with Read access, only the Sales group will have Read access over the network.
Example2:
If local NTFS folder allows Sales group Read, and Network Share perms allow Everyone group Full Control, only the Sales group will have Read access over the network.

Since a user can be in groups, and each group can have different levels of access in Local (NTFS) and Network (Share) perms, you must:
1. Determine the most permissive Effective Local (NTFS) perms.
2. Determine the most permissive Effective Network (Share) perms.
3. Determine the most restricitve Effective  Local+Network perms.

More stuff:
Explicit vs. inherited permissions
  If a check box is checked but grayed, the security setting was inherited from a upper-level parent folder.
  Explicit wins over inherited permissions.
  (e.g. Explicit Allow wins over Inherited Deny)

The tool in 2003 Server, Advanced Security Settings, Effective Permissions, calculates only the local (NTFS) perms, not Effective Permissions over the network.

There is a command line tool CALCS.  Not sure if this will show Network Share perms.  Options:  /g - grants, /r - Revokes, /p - Replaces, /d - Denies.

#####################################################
Get sysinternals
http://www.microsoft.com/technet/sysinternals/default.mspx
#####################################################
Edit Active Directory users and groups & machines
    C:\Program Files\Exchsrvr\bin\users and computers.msc
  
# reboot a windows machine from remote:
   #Option 1:
   1. VNC to the boxes,
   2. Manually stop/quit the app(consoles) and ntp client (automachron)
   3. Quiece/kill Watcher proc's,
   4. Execute C:\> reboot
   #Option 2:
   1. net use to server: net use \\server /user:administrator
   2. rcmd \\server shutdown /r /l /y /c /t:00
#####################################################
sysinternals:
       http://technet.microsoft.com/en-us/sysinternals/default.aspx
reskit shitdown command to reboot a box:
	shutdown /r /l /y /c /t:00
update util:
	http://www.netutils.com/Sections/Products/Prod_pag/Uxpt/Uxpt.htm
cygwin, gnu Unix ported to windows for free.
	cygwin.org
ntreskit:  should be included by default.
 	I think it must be purchased.
vnc:	remote dsekstopstuff
eventreporter:	50$ a server, sends Events to a unix syslog server.
	http://www.adiscon.com/Common/en/Articles/EventReporter-Monitor-Windows-NT-From-Unix.asp

Free Firewall:
       http://www.tinysoftware.com/home/tiny

Micro$haft Microsoft Baseline Security Analyzer (MBSA):
       http://support.microsoft.com/default.aspx?scid=kb;en-us;Q320454