Need help setting a special permission

X

XxLicherxX

Hello everyone,

I need help setting up special permissions to work in the following
way: I have a user who I want to have read access to the folder. This
user should also have the ability to create files/folders, but not
modify the contents of a file/folder or delete the file/folder, unless
that the user created the file/folder.

I have attempted to do it this way:

I gave the user the following "allowed" permissions:

Read and Execute
List Folder Contents
Read
Write

I did not place a check mark next to:
Modify
Full Control

However with these permissions, the user can still open any file in the
directory, regardless of who created it, change something and then save
it. Now correct me if I am wrong, here, isn't that "modifying" the
file? This is something the user should not be allowed to do (and
doesn't have permissions to do). What is the difference between "Write"
and "Modify"?

When I try denying the "Modify" ability, I it also denies the "Write"
ability.

I went into the special permissions and saw something called "Create
Folders/ Append Data".
This looks like it would work, execpt I still need to allow the user
the ability to create folders. Why would these two things be grouped
together?

Thanks

Dave
 
S

Steven L Umbach

Write permission for the file might allow a user to alter a file if in the
process the application does not delete the original file. In that case the
user would be using his append data/write data permission. The link below
explains special permissions. What I would try is to give the user/group
read/list/execute permissions on the general security page which is for
folder, subfolders, and files. Then in special permissions add the
user/group again and select the two permissions for create files and create
folders and for the "apply onto" box select folders and subfolders only. The
user however would be able to modify his own files because the owner would
be given permissions shown for creator owner which by default is full
control. FYI when you see a two part permission such as Create Files/Write
Data, the permission before the / applies to folders only and the permission
after the / applies to files only. --- Steve

http://support.microsoft.com/default.aspx?scid=kb;EN-US;308419

Create Files/Write Data
The Create Files permission applies only to folders and allows or denies the
user from creating files in the folder.

The Write Data permission applies only to files and allows or denies the
user from making changes to the file and overwriting existing content by
NTFS.


Create Folders/Append Data
The Create Folders permission applies only to folders and allows or denies
the user from creating folders in the folder.

The Append Data permission applies only to files and allows or denies the
user from making changes to the end of the file but not from changing,
deleting, or overwriting existing data .
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top