Folder Permissions.

  • Thread starter Thread starter Matt
  • Start date Start date
M

Matt

Hi,

I am running Win2000 server with active directory services
all enabled. I have an area on my network where I would
like to restrict users to be able to do the following:-

Write files
read files
delete folders (disabled)
delete files (disabled)

So I basically want them to be able to save his/her work
all be it in word,excel or pdf. I don't want them to be
able to delete folders or to be able to delete files
either. I have been trying to set this up for about 2
weeks now and using the advanced tab. Unfortuantly I
can't seem to get the right balance.

If someone could help me this I'd be very greatful.

Kind regards,
Matt.
 
what it sounds like you want is to give the users read/write permissions,
but no modify permissions, correct? if that is the case, you should be able
to do this using the simple permissions. just give the users read and
execute, list folder contents, read, write permissions - make sure modify
and full control are unchecked. this will allow users to add folders/files
to the folder (and subfolders depending on if you propegated permissions),
but not be able to delete any folders/files they have not created.

Dan
 
Looking at the DACL of a test folder I've just created, I would do the following

Under advanced, add the user and assign the following permissions

[Allow
Traverse Folder/ Execute Fil
List Folder / Read Dat
Create Files / Write Dat
Create Folders / Append Dat

[Deny
Delete Subfolders and File
Delet

I'd also ensure that you are only granting access to a specific group and administrators and the system (disable permissions inheritance at this level), otherwise you may find there are other groups adding to the access rights (permissions are cumulative)


Paul
__________________________
----- Matt wrote: ----

Hi

I am running Win2000 server with active directory services
all enabled. I have an area on my network where I would
like to restrict users to be able to do the following:

Write file
read file
delete folders (disabled
delete files (disabled

So I basically want them to be able to save his/her work
all be it in word,excel or pdf. I don't want them to be
able to delete folders or to be able to delete files
either. I have been trying to set this up for about 2
weeks now and using the advanced tab. Unfortuantly I
can't seem to get the right balance

If someone could help me this I'd be very greatful

Kind regards
Matt
 
Dan,

I have tried this but it's not working. Should I be
applying this to folder sub folders and files or one of
the other settings?
-----Original Message-----
Looking at the DACL of a test folder I've just created, I would do the following:

Under advanced, add the user and assign the following permissions:

[Allow]
Traverse Folder/ Execute File
List Folder / Read Data
Create Files / Write Data
Create Folders / Append Data

[Deny]
Delete Subfolders and Files
Delete

I'd also ensure that you are only granting access to a
Click to expand...
specific group and administrators and the system (disable
permissions inheritance at this level), otherwise you may
find there are other groups adding to the access rights
(permissions are cumulative).
 
I would say to 'This folder, sub folders, and files'.

In order for these permissions to take effect, the users must logoff and
then logon again.

Also, are they members of other groups that have different access to this
folder? What permissions are set to Authenticated Users, Everyone, and
CREATOR OWNER?


Paul.
____________________________
Matt said:
Dan,

I have tried this but it's not working. Should I be
applying this to folder sub folders and files or one of
the other settings?
-----Original Message-----
Looking at the DACL of a test folder I've just created, I would do the following:

Under advanced, add the user and assign the following permissions:

[Allow]
Traverse Folder/ Execute File
List Folder / Read Data
Create Files / Write Data
Create Folders / Append Data

[Deny]
Delete Subfolders and Files
Delete

I'd also ensure that you are only granting access to a
Click to expand...
specific group and administrators and the system (disable
permissions inheritance at this level), otherwise you may
find there are other groups adding to the access rights
(permissions are cumulative).
Paul.
__________________________
----- Matt wrote: -----

Hi,

I am running Win2000 server with active directory services
all enabled. I have an area on my network where I would
like to restrict users to be able to do the following:-

Write files
read files
delete folders (disabled)
delete files (disabled)

So I basically want them to be able to save his/her work
all be it in word,excel or pdf. I don't want them to be
able to delete folders or to be able to delete files
either. I have been trying to set this up for about 2
weeks now and using the advanced tab. Unfortuantly I
can't seem to get the right balance.

If someone could help me this I'd be very greatful.

Kind regards,
Matt.

.
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

AD Permissions. 1
folder permissions AD 1
JPEG Images & Original Images In OneDrive Folders 3
Outlook Deleting folders in Outlook and Outlook Archive 1
Weird and unwanted folders (MSI####.tmp 8
Access Access variable string for export 0
Error 0xC00D3E8E: The property is read only. One way to fix. 1
Dupicate Folders underTwo Directories in Windows Explorer 1

Back
Top