Windows system permissions issue

Recently in the work, often encounter a lot of permissions problems due to various system access problems. So the system understands the permissions of the windows system, it is also very good, easy to solve some configuration problems.

The difference between DOS and WinNT permissions

DOS is a single-tasking, single-user operating system. But can we say that DOS does not have permission? No! When we open a computer with a DOS operating system, we have the administrator rights for this operating system, and this permission is everywhere. Therefore, we can only say that DOS does not support the setting of permissions, it can not be said that it does not have permissions. As people's security awareness increased, permission settings were born with the release of NTFS.

In Windows NT, users are divided into groups, and groups and groups have different permissions. Of course, users in a group can have different permissions. Let's talk about the common user groups in NT.

Administrators, Administrators Group, by default, users in Administrators have unrestricted full access to computers/domains. The default permissions assigned to this group allow full control of the entire system. Therefore, only trusted personnel can become members of the group.

PowerUsers, Power User Groups, Power Users can perform any operating system tasks other than those reserved for the Administrators group. The default permissions assigned to the PowerUsers group allow members of the Power Users group to modify settings for the entire computer. However, Power Users does not have the authority to add itself to the Administrators group. In the permission settings, the permissions of this group are second only to Administrators.

Users: Ordinary user groups, users of this group cannot make intentional or unintentional changes. Therefore, users can run authenticated applications, but not most legacy applications. The Users group is the most secure group because the default permissions assigned to the group do not allow members to modify operating system settings or user profiles. The Users group provides one of the most secure program execution environments. On NTFS-formatted volumes, the default security settings are designed to prevent members of the group from compromising the integrity of the operating system and installed programs. Users cannot modify system registry settings, operating system files, or program files. Users can shut down the workstation but cannot shut down the server. Users can create local groups, but only local groups that they create themselves.

Guests: Guest groups, by default, guests have the same access as regular users, but the guest account has more restrictions.

Everyone: As the name implies, all users, all users on this computer belong to this group.

In fact, there is also a group that is very common. It has the same permissions as Administrators, but it does not allow any users to join. When viewing the user group, it will not It is displayed, it is the SYSTEM group. The permissions required for system and system level services to function properly are assigned to it. Since this group has only one user SYSTEM, it may be more appropriate to classify the group as a user.

Finally, Run as administrator is often used. Need to continue to understand. . Some of the previous groupings should go deeper and more specific. Let me talk about it first. .