Microsoft Windows File System : File , Folders, Users and Group Management

Microsoft Windows System: Foundation
Windows is the most widely used desktop operating system in the world, known for its user-friendly interface and robust features. At the heart of its functionality lies a powerful file system, primarily NTFS, which manages how data is stored, accessed, and secured. Understanding the Windows file system, along with users, groups, and permissions, is essential for effective system management and maintaining data security. In this guide, we’ll explore the foundations of Windows, including file system structure, user and group architecture, and the intricate world of permissions and access control. This knowledge is crucial for anyone seeking to master Windows system administration.

1️⃣ Windows File System (NTFS and More)

🔹 What is a File System?

A file system is a way for an operating system to organize, store, and manage data on a disk (like your hard drive). It decides how files are named, stored, and accessed.

🔹 Common Windows File Systems:

File System	Use Case	Limitations	Current Status
FAT16	Old floppy disks, small partitions	Max 2GB volume size, 2GB files	Obsolete
FAT32	USB drives, small storage	Max 4GB file size, 32GB partition size	Legacy, still used on USB drives
exFAT	USB drives for large files (cross-platform)	Less secure, no NTFS features	Common on removable drives
NTFS (New Technology File System)	Windows system drives, modern OS	Supports very large files, advanced permissions, encryption	Default & most used in Windows 10, 11, and Server

🔹 Why NTFS is Preferred:

File & Folder Permissions (Access Control Lists - ACL)
Encryption (EFS) for security
Compression support
Disk Quotas
Resilient File System (self-healing, log-based recovery)

🔍 Current Windows Systems (10, 11, Server 2016/2019/2022) use NTFS as the default file system for internal drives.

2️⃣ Windows Users & Groups Management System (NT Architecture)

🔹 What is the Windows NT User & Group Management System?

The Windows NT (New Technology) family—including Windows 10, 11, and Server—uses a centralized system to manage users, groups, and permissions through a system called SAM (Security Accounts Manager).

Let's break it down:

📂 User Accounts: Who Can Log In

What is a User Account?

A user account represents an individual identity that can log in to Windows, access files, run programs, and use resources. It has:

A username (e.g., JohnDoe)
A password
A unique Security Identifier (SID), like a fingerprint

User Type	Purpose	Examples
Administrator	\| Full control over the system	\| Admin
Standard User	\| Limited access, basic usage	\| John, Jane
Guest	\| Temporary, minimal access	\| Guest (rarely used)
System Accounts	\| Used by Windows internally	\| SYSTEM, LOCAL SERVICE, NETWORK SERVICE

📂 Groups: A Collection of Users

What is a Group?

A group is a collection of users that share the same permissions. Instead of giving permissions to each user, you give them to a group.

Types of Groups:

Group Type	Purpose	Examples
Local Groups	\| Exist on a single machine, manage permissions for that machine	\| Administrators, Users, Guests
Global Groups (Domain)	\| Used in domain networks (Active Directory)	\| Domain Users, Domain Admins
Built-in Groups	\| Predefined by Windows, cannot delete	\| Administrators, Users, Guests, Power Users

📂 How Users & Groups Work Together:

A user can be a member of one or more groups.
Permissions are granted to groups, not individual users (for easier management).
When a user logs in, they inherit the group's permissions.

3️⃣ User & Group Management Tools in Windows

🔹 Local User & Group Management Tools (For Standalone PCs)

Tool	Use Case	How to Open
Local Users and Groups (lusrmgr.msc)	Manage users & groups on a local machine	Run → `lusrmgr.msc` (Pro/Enterprise editions only)
Control Panel → User Accounts	Basic user management	Control Panel → User Accounts
Settings App → Accounts	Basic management in Windows 10/11	Settings → Accounts
Command Line (cmd / PowerShell)	Advanced management	`net user`, `net localgroup`, `New-LocalUser`

🔹 Domain User Management (Active Directory)

For enterprise networks, Active Directory (AD) is used. AD allows centralized management of users, groups, and permissions across many computers.

4️⃣ Permissions Management in Windows (ACL System)

🔹 What is a Permission?

A permission defines what a user or group can or cannot do with a file, folder, or object.

🔹 Key Permission Types:

Permission	Description
Read	\| View files & folders
Write	\| Modify files & folders
Execute	\| Run programs
Full Control	\| Do everything (read, write, delete, modify)

🔹 Access Control List (ACL) System:

Windows NTFS permissions are stored in an Access Control List (ACL).
Each file/folder has an ACL that lists Access Control Entries (ACEs).
Each ACE specifies:
- Who (user or group)
- What (permissions like read, write)

For example:

Object	User/Group	Permission
`C:\Documents`	\| John	\| Read, Write
`C:\Documents`	\| Administrators	\| Full Control

🔹 Inheritance in NTFS Permissions:

Permissions inherit from parent folders unless explicitly changed.
Example: If a folder has Read-Only permission, all files and subfolders inside get that unless changed.

🏛 Windows Security Model (Architecture)

🔹 How It All Works Together:

SAM (Security Accounts Manager) stores local user & group information.
LSASS (Local Security Authority Subsystem Service) enforces security policies like logon, password validation, and permissions.
NTFS file system manages file permissions via ACLs.
Tokens are generated when a user logs in:
- The token contains:
  - User SID
  - Group SIDs
  - Privileges (like backup, restore, shutdown)
- The token is used every time the user accesses resources.

5️⃣ Coming Up: Practical Management Tutorials

✅ In the next section, we’ll go hands-on with:

Creating users and groups (GUI & command line)
Assigning permissions
Managing permissions effectively

Subscribe Us