Security on Folder and Files.. should be easy but MS Security is strange!

  • Thread starter Stefano Peduzzi
  • Start date
S

Stefano Peduzzi

Hello,
I'm having some problems in configuring a FileSystem. Here a short
explanation of the folder structure:
Level 0-1: Main folders (i.e. Accounts, HR, Orders, Finance and so on), no
files. Static.
Level 2: "Working" folders. Tipically created once a month. No files.
Levele 3: Files and SubFolder of Working folders (e.g. "Drawings"). Very
Dynamic.

I want to set-up 3 profiles:
1) Administrator: can do what he wants (it's me!!;)). Seems easy in Windows
(full control to Everyone by default... searching troubles as an
"attitude"!)
2) Profile 1 (usually a Project Manager or a "KeyUser"): can only navigate
Level 0 e 1 (2,3 also). Can create folders on Level 2 and 3 (in 3 only if he
is the user that created the level 2 folder). But he can't delete or move
folders on Level 2 and 3 if he isn't the user that created the folder. He
can do what he wants in Level3 if he created the folder in Level2.
3) Profile 2 (usually a member of the Project Team): can navigate all the
levels (0,1,2,3). Can't do ANYTHING on folders. Can create or modify files
on level 3 (and deeper if exists). Can delete only the files HE created.

How should I set the permissions on Level 0, 1, 2, 3 folders for Profile 1
and Profile 2 users?????

(Being more "astract" I think I would "like" to set different permissions on
FILES and on FOLDERS).

Any help is REALLY appreciated (also a source for "deep" info on Windows
Security Permissions would be nice to know too!)...

Ciao,
Stefano
 
S

Stefano Peduzzi

Hi Steve,
Thanks for the info (the articles seems really interesting!). Could you just
clarify me what do you mean with "Log off/Log on" (and why!)? I had setup my
test enviroment this way:
1. I Created the test folder on a File Server (SRV1) and I set the
permissions for an ActiveDirectory user (USR1).
2. I shared the folder with full control to everyone
3. I tested the access to folders from another machine (PC1) using USR1
Do you mean I should logoff USR1 from PC1 and then login again? Should I do
anything on SRV1?
I think what you said means that you get the security settings the first
time in a "session" you access to the remote folder....weird!!!

Ciao
Stefano
 
S

Steven L Umbach

What I meant was when you make a change to NTFS permissions, that they
may not take effect for that user/group[changes implemented] until you log
off and then back on for the first time. That's all. -- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Templates 1
How to set partition root security? 2
Moving files and security permissions, when you don't have permission 5
Security and Permissions 10
Windows 2000 folder, files security setting did not propagate correctly? 3
Permissions Batch File 2
File/Folder encryption - Compliancy with PCI 3
Default file/folder security permissions for a new user 3

Top