Understanding Windows Directory System

Basic Directory system on Windows.

Introduction

The directory structure in Windows is essential for managing files and folders on a computer system. Understanding Windows directory layout is critical for effective file management and navigation. In this post, we will look at the many components of the Windows directory structure and provide insights into its organization, file paths, and functionality. But firsly, we need to understand File Systems.

What are File Systems ?

A file system is how an operating system stores, organizes, and manages files and directories on a storage device. It is a mechanism by which operating systems arrange and store data on storage devices such as hard drives, solid-state drives (SSDs), USB drives, and other storage media. There are several file systems for computers, each of which works in its own unique way. Some examples include exFAT, ZFS, ReFS, Ext4 (used in Linux), etc.

Some key components of a File System are :
1.    Files
2.    Directory
3.    File Paths
4.    Meta Data
5.    File Attributes
6.    File System Types

Directory is a collection of files. It contains information such as attributes, types, location etc about the files stored in it. It can be compared to a Librarian who keeps records of all the books in the library.

(Read more on directory : https://simeononsecurity.com/articles/windows-directory-structure-guide/)

Directory System of Windows 

The directory system in Windows refers to the way files and folders are organized on different components of our computer hardware. Windows uses a hierarchial / tree-like directory structure. Each directory contains subdirectories and files, making a structured and organized system.

Key Directories in Windows System 

1. System Directory : One essential part of the Windows operating system is the System Directory. It includes vital system files and libraries required for the operating system to operate correctly. The System Directory's location varies based on the version of Windows:

• In a 32-bit system , System directory is located at C:\Windows\System32.
• In a 64-bit system , System directory is located at C:\SysWOW64.

2. User Directory : The User Directory (also known as the User Profile Folder) contains unique settings and data for each user account on the system. It stores user-specific information like papers, desktop files, downloads, and application settings. The User Directory is placed in C:\Users\username.

A User directory on the Terminal

Each user’s folder within C:\Users is organized to help keep their files easily accessible and neatly categorized.

• Desktop: Holds all files and shortcuts visible on the desktop screen.
• Documents: A default storage location for user-created documents.
• Downloads: The default location for files downloaded from the internet.
• Pictures, Music, and Videos: Default directories for storing multimedia files.
  
  
• AppData: A hidden folder that contains application-specific data, further divided into:

1. Local: Stores data specific to the computer.
2. Roaming: Contains data that can “roam” with the user across devices.
3. LocalLow: Stores data with lower privileges, typically for web browsers.
   
   

3. Program Files Directory : The Program Records Registry is the default area where applications and programs are introduced on the framework.
It is partitioned into two registries:

• C:Program Records - This registry stores 64-bit applications and programs.
  

• C:Program Records (x86) - This registry stores 32-bit applications and programs on 64-bit frameworks.
  
  
• Program Files stores applications installed on the computer, typically for 64-bit software.
  
  
• Program Files (x86) is used for 32-bit applications on 64-bit Windows systems.
  Both directories help keep installed applications organized and ensure smooth functionality across different versions of software.

4. Windows File Directory : 
    (C:\Windows) The Windows Directory contains core OS and system folders, it includes the Windows Kernel, System libraries, device drivers and other essential components.

5. ProgramData :
         This directory stores shared application data that isn’t specific to a single user.

It contains configurations and data used by installed applications across multiple users, such as    settings, license files, and database files

6. Other Common Directories:

• Downloads, C:\Users\Downloads
• Appdata, C:\Users\AppData
• Dekstop, C:\Users\Desktop

The drives in windows are assigned drive letters (like C: , D: , E :), out of which usually the C: drive is used as system directory.

Navigating through Directories 

1. The File Explorer is a built-in Windows application that uses a graphical interface to traverse through directory structures. It allows users to explore folders, view files, and execute file management functions. To launch File Explorer, press Win + E or click the folder icon in the taskbar.

2.Command Prompt: The Command Prompt (CMD) is a command-line interface that lets users interact with the system using text commands. It offers a powerful way to navigate the directory structure, with commands like cd (change directory), dir (list directory contents), and mkdir (create new directory).

Here are some common CMD commands:

• cd <directory> - to change the current directory.
• cipher <option> <file or directory> - shows and modifies encryption of files and directories.
• comp <file 1> <file 2> <options> - compare contents of two files.
• copy <options> <source> <destination> - copies content of one file to another file. For example: copy sample1.txt sample2.txt
• dir <drive> <pathname> <options> - the dir (directory) command lists directory contents, including files and subdirectories.

Working of dir C:\

• ftype <file type>=<open command> - shows and changes file type and extension
• hostname - simple command to display the host machine's name.
• md and mkdir - md and mkdir (make directory) commands create new directory or subdirectory,syntax is : md <path>  or mkdir <path> 

These are the few very common CMD commands. In further blogs we will also learn how to navigate through the "Terminal".

3. PowerShell:     A powerful scripting environment that enables advanced file system management and automation.  

File Management Commands in Windows Command Prompt (CMD)

1. Navigating Directories

To manage files, you first need to navigate to the correct directory.

• cd [directory_path]: Changes the current directory.
  • Example: cd C:\Users\JohnDoe\Documents
• cd ..: Moves up one level in the directory.
• dir: Lists all files and folders in the current directory.
  • Use dir /a to list hidden files and directories as well.

2. Creating Files and Directories

• mkdir [directory_name]: Creates a new directory.
  • Example: mkdir NewFolder
• echo [text] > [filename]: Creates a new text file with specified content.
  • Example: echo Hello, World! > file.txt creates a file named file.txt with "Hello, World!" inside.
• type nul > [filename]: Creates an empty file.
  • Example: type nul > emptyfile.txt

3. Copying Files

• copy [source] [destination]: Copies a file from the source to the destination.
  • Example: copy C:\folder1\file.txt C:\folder2\ copies file.txt to folder2.
• xcopy [source] [destination] /s /e: Recursively copies all files and directories, including empty ones.
  • Example: xcopy C:\folder1 C:\folder2 /s /e copies everything from folder1 to folder2.

4. Moving Files

• move [source] [destination]: Moves a file or folder to a new location.
  • Example: move C:\folder1\file.txt C:\folder2\ moves file.txt to folder2.

5. Deleting Files and Directories

• del [filename]: Deletes a file.
  • Example: del file.txt deletes file.txt in the current directory.
• del /s /q [directory]: Deletes all files within a directory, including subdirectories.
• rmdir [directory]: Deletes an empty directory.
  • Example: rmdir OldFolder
• rmdir /s /q [directory]: Deletes a directory and all its contents without prompting for confirmation.
  • Example: rmdir /s /q C:\folder1

6. Renaming Files and Directories

• rename [old_name] [new_name]: Renames a file or directory.
  • Example: rename oldfile.txt newfile.txt

7. Finding Files and Content in Files

• dir /s [filename]: Searches for a file in the current directory and all subdirectories.
  • Example: dir /s file.txt searches for file.txt in all subdirectories.
• find "text" [filename]: Searches for specific text within a file.
  • Example: find "error" log.txt searches for the word "error" within log.txt.
• findstr /s /i /m [text] *.*: Searches for text across multiple files in a directory.
  • Example: findstr /s /i /m "error" *.* finds the word "error" in all files in the current directory and subdirectories.

8. Setting File Permissions

• icacls [file_or_folder] /grant [username]:[permission]: Grants permissions to a file or folder.
  • Example: icacls file.txt /grant JohnDoe:F gives full control to the user JohnDoe.
• icacls [file_or_folder] /deny [username]:[permission]: Denies permissions.
• icacls [file_or_folder] /remove [username]: Removes all permissions for a user.

9. Checking Disk and Folder Sizes

• dir: Shows the total size of files in the current directory.
• dir /s: Displays sizes for files in all subdirectories, including total space used.
• chkdsk [drive_letter]:: Checks disk usage and errors on a specific drive.
  • Example: chkdsk C:

10. Other Useful Commands

• attrib [filename]: Displays or changes file attributes (e.g., read-only, hidden).
  • Example: attrib +h +r file.txt makes file.txt hidden and read-only.
• tree: Displays the directory structure in a tree-like format.
• fc [file1] [file2]: Compares two files line by line.
  • Example: fc file1.txt file2.txt

Permissions in Windows

    Permissions in the Windows file system control which users and groups can access or modify files and folders.Permissions include Read, Write, Execute, Modify, and Full Control.The system administrator can set permissions to secure sensitive data and restrict access as needed.
1. Key Components of Windows Permissions
a. Access Control Lists (ACLs)

• Each file and folder in Windows has an Access Control List (ACL), a list of permissions attached to it.

• An ACL defines the permissions for each user or group, specifying who can read, modify, delete, or execute a file or folder.

b. Security Identifiers (SIDs)

• Windows identifies users and groups with Security Identifiers (SIDs), which are unique values that Windows uses to assign and check permissions. 

c Ownership

• Every file or folder has an Owner, the user or group with primary control over it.

• Owners can change permissions and control access to the resource. By default, the creator of a file or folder becomes its owner.

• 
  
  

2. Types of Permissions

Permissions in Windows can be divided into two main categories: Basic Permissions and Advanced Permissions.

a. Basic Permissions

Basic permissions are straightforward and commonly used, allowing users to set access levels easily:

• Read: Allows viewing or listing the file or folder contents.
• Write: Grants permission to modify and add new content.
• Read & Execute: Allows reading and executing the file, such as running applications.
• Modify: Permits reading, writing, and deleting files or folders.
• Full Control: Provides complete access, including reading, modifying, deleting, and changing permissions.

b. Advanced Permissions

Advanced permissions offer finer control over file and folder access. They can be managed in the Advanced Security Settings and include:

• Traverse Folder / Execute File: Allows moving through folders to reach other files (useful for applications) or executing the file.
• List Folder / Read Data: Lets users list folder contents or read file data.
• Read Attributes: Grants permission to view file or folder attributes (like read-only or hidden).
• Read Extended Attributes: Allows viewing additional file or folder metadata.
• Create Files / Write Data: Enables creating new files within a folder or writing data to a file.
• Create Folders / Append Data: Lets users create subfolders or add data to files.
• Write Attributes: Allows modifying file or folder attributes.
• Write Extended Attributes: Permits modifying additional metadata associated with files or folders.
• Delete Subfolders and Files: Grants permission to delete content within folders.
• Delete: Allows deleting the file or folder.
• Read Permissions: Permits viewing the permissions of a file or folder.
• Change Permissions: Enables modifying file or folder permissions.
• Take Ownership: Allows a user to take ownership of a file or folder.

3. Permissions Conflicts and Resolution

• Deny Overrides Allow: If both “Allow” and “Deny” permissions are set, “Deny” takes precedence.
• Multiple Group Membership: If a user is in multiple groups, they’ll receive the most permissive level of access.
• Conflicts are resolved based on the most restrictive combination, ensuring security.

4. Managing Permissions in Windows

You can manage permissions through File Explorer or via the Command Prompt (using icacls or cacls commands for command-line management).

Steps to Set Permissions via File Explorer

1. Right-click the file or folder, select Properties, then go to the Security tab.
2. Click Edit to adjust permissions for users or groups.
3. Select the user or group, then set the permissions (e.g., Full Control, Read, Write).
4. To adjust advanced permissions, click Advanced and modify Special Permissions as needed.

Command-Line Management

• icacls: A command-line tool for viewing and changing permissions.
  • Example to grant read and execute permissions to a user
    
    
    
    
    

5. Practical Scenarios for Permission Settings

Securing Sensitive Folders

For folders containing sensitive data, restrict access by:

• Setting only Read permissions for most users.
• Granting Modify or Full Control only to trusted administrators.

Publicly Shared Folders

For public folders or files:

• Enable Read & Execute for general access.
• Limit Write and Delete permissions to prevent unwanted modifications.

File Paths in Windows

File Path is the unique address location of a file. There are two kinds of file paths:

1. Absolute File Path : provides complete path from root directory to target file directory. eg : C:\Yuvi\Username\Docs\file.txt.

2.Relative File Path : it specifies path of a directory relative to the current directory, thus allowing for for shorter and more concise file references. 

• File Extensions are suffixes (like .txt, .jpg, .exe) that indicate the file type and dictate which application opens it by default.

Conclusion

The Windows directory structure is a critical component of file organization and management in the Windows operating system. Understanding the key directories and how to navigate them is critical for quick file access and system performance. Understanding the directory structure allows you to effectively manage your files, execute programs, and perform system tasks in Windows.