File Security

W

W.Kiernan

I need help with setting permissions on a W2K server.
Currently I have a folder that give the user of this
folder permission of read & execute, list folder contents
and read. The advance permissions are (Allow Special)
create files / write data, create folders / append data,
write attributes, and (another Allow) read & execute with
permissions of traverse folder / execute file, list
folder / read data, read attributes, read extended
attributes, and read permissions. There is a Deny with the
denied permission of write extended attributes.
Since this file has an audit trail embedded in it I cannot
allow the availability for the user to overwrite this
file. What I need to do is allow a user to write a file to
this folder (which it works) and be able to save changes
to this file, which dose not work because of the Deny. I
added the deny because when the user dose “Save As” and
uses an existing filename it deletes all the content in
the existing file and replaces the audit trail with a new
one. So how can I allow users to make changes to a file
but deny “Save As” an existing filename?
 
D

Dmitry Korolyov

You can set more specific permissions at a file level, not at a folder level. Or (which sounds better for me) to place these important files in a separate folder and specify permissions at that folder level.

--
Dmitry Korolyov [[email protected]]
MVP: Windows Server - Active Directory


I need help with setting permissions on a W2K server.
Currently I have a folder that give the user of this
folder permission of read & execute, list folder contents
and read. The advance permissions are (Allow Special)
create files / write data, create folders / append data,
write attributes, and (another Allow) read & execute with
permissions of traverse folder / execute file, list
folder / read data, read attributes, read extended
attributes, and read permissions. There is a Deny with the
denied permission of write extended attributes.
Since this file has an audit trail embedded in it I cannot
allow the availability for the user to overwrite this
file. What I need to do is allow a user to write a file to
this folder (which it works) and be able to save changes
to this file, which dose not work because of the Deny. I
added the deny because when the user dose “Save As” and
uses an existing filename it deletes all the content in
the existing file and replaces the audit trail with a new
one. So how can I allow users to make changes to a file
but deny “Save As” an existing filename?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NTFS Permissions - Sub-Folders 4
Permissions 1
Deny users the right to delete folders/subfolders 2
Allow saves and reads but not edits 8
Default file/folder security permissions for a new user 3
Excel 2007 with delete deny can't save 7
question about windows 2000 resoruce kit -- xcacls.exe 2
File Ownership Problem/Question 3

Top