How to set partition root security?

M

Majstor

Hello,

I want to establish new security settings on partition X:

1) No one should be able to create, modify or delete objects in root of
partition, except Admin group.
2) Security settings of all lower levels (starting with root folders down
the tree) should remain INTACT.

I have tried but my way of thinking didn`t help:

On partition X I created policy this way:

"Everyone"- "apply onto: this folder and files", only read and no
write/modify/delete permissions ("apply these permissions to objects and/or
containers within this container only")

"Admins" - all permissions ("apply these permissions to objects and/or
containers within this container only")

What I get is that policy is applied to "this folder and files" but no one
can access second-level folders though previously it was "allow everyone
everything".
So I didn`t get "apply these permissions to objects and/or containers within
this container only" right since all lower-level settings were not
preserved.

Where do I go wrong?

Regards,
Vladimir
 
S

Steven Umbach

Set the everyone group to be list/read/execute for the root folder in the main
security page which will be for folder/subfolders/files. Then go into the
advanced page, select add and enter the appropriate group [which could be
everyone again]. Select subfolders and files in apply onto and then select the
permissions you want them to have. When done select OK. You can have the same
group showing more than one in the advanced permissions page. --- Steve
 
M

Majstor

Hi Steve,

"Everyone" cannot create files or change anything in root, BUT CAN DELETE
FILES AND FOLDERS IN ROOT FOLDER.
Even when I explicitly deny "delete" rules. All lower-level structures OK!
What is the problem?

Regards,
Vladimir

Steven Umbach said:
Set the everyone group to be list/read/execute for the root folder in the main
security page which will be for folder/subfolders/files. Then go into the
advanced page, select add and enter the appropriate group [which could be
everyone again]. Select subfolders and files in apply onto and then select the
permissions you want them to have. When done select OK. You can have the same
group showing more than one in the advanced permissions page. --- Steve


Majstor said:
Hello,

I want to establish new security settings on partition X:

1) No one should be able to create, modify or delete objects in root of
partition, except Admin group.
2) Security settings of all lower levels (starting with root folders down
the tree) should remain INTACT.

I have tried but my way of thinking didn`t help:

On partition X I created policy this way:

"Everyone"- "apply onto: this folder and files", only read and no
write/modify/delete permissions ("apply these permissions to objects and/or
containers within this container only")

"Admins" - all permissions ("apply these permissions to objects and/or
containers within this container only")

What I get is that policy is applied to "this folder and files" but no one
can access second-level folders though previously it was "allow everyone
everything".
So I didn`t get "apply these permissions to objects and/or containers within
this container only" right since all lower-level settings were not
preserved.

Where do I go wrong?

Regards,
Vladimir
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NTFS Permissions - Sub-Folders 4
Error Applying Security: Access is denied 0
How to deny a read access to an object's attribute in AD 0
Security Templates 1
Security Template does not apply folder permissions 17
Accessing the security tab on a partitioned drive 5
Windows 2003 - Share Permissions & Security Permissions 1
Possible bug in XP security permissions propagation 1

Top