Announcement

Collapse
No announcement yet.

Permissions Problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Permissions Problem

    Hi,

    I have a problem that driving me crazy!

    server 2008, i have a shared folder.

    i want that users will be able to read + write + create new files&folders + rename existing files&folders, but not to delete anything. seems simple, but apparently not...

    in 1 scenario - the users can read&write but cannot create\rename&delete.
    in 2 scenario - the users can read&write&create&rename but they can also delete!

    is it possible? what am i missing?

    10x

  • #2
    Re: Permissions Problem

    You'll need to go into the advanced permissions. You can then uncheck delete. You should also make sure they don't have permission to change permissions or take ownership. Those are also in the advanced permissions.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: Permissions Problem

      thanks for the reply.

      been in advanced/special permissions. if i deselect the delete option, they sure cannot delete, but then they cannot ceate new files&folders (actually they can create but cannot name them) or rename existing files&folders.

      and that is the problem!

      again' what am i missing???

      Comment


      • #4
        Re: Permissions Problem

        Sorry, missed the rename. So that is because when you rename it's performing a delete operation under the hood.

        Fire up procmon and you'll see what each action does at the filesystem level.
        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com

        Comment


        • #5
          Re: Permissions Problem

          exactly! but that doesnt solve my problem.

          im sure that every system administrator need to do this in his organization.

          what is the right combination??

          Comment


          • #6
            Re: Permissions Problem

            File Server Resource Manager?
            http://technet.microsoft.com/en-us/l.../cc732431.aspx

            Sharepoint?
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              Re: Permissions Problem

              what about File Server Resource Manager? how it will solve my problem?

              sharepoint ?!? i need ntfs permissins....

              again, im sure sys admins have to do this in almost every organization.

              i'll be happy for any assistance

              Comment


              • #8
                Re: Permissions Problem

                As far as I know, rename requires delete permission, so it cannot be done with NTFS.
                If users deleting files is a concern, I would suggest usage policies/HR action against offenders, combined with auditing of object access. Shadow copies may also allow recovery of deleted items.

                SharePoint, because it uses a database rather than the file system, handles files differently (e.g. version control) so is worth investigating.

                Why do you need such granular permissions - they are not usual
                Tom Jones
                MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                PhD, MSc, FIAP, MIITT
                IT Trainer / Consultant
                Ossian Ltd
                Scotland

                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment


                • #9
                  Re: Permissions Problem

                  really, why its so unusual?

                  seems like that delete and rename hang on the same permission, very stupid of microsoft....

                  lets say you have a folder that contains very important and critical information.
                  you want that the users will be able to do everything but deleting, even by accident. what would you do then ??

                  Comment


                  • #10
                    Re: Permissions Problem

                    Well, that's the way NTFS permissions have worked since NT....
                    If you you will see there are a few discussions similar to yours but the answer is always the same - take it up with MS....

                    btw, unless Linux have changed from the rwx permission model, NTFS is still more flexible.

                    In your case, I would probably use SharePoint as it has much more flexible versioning and recovery options, or rely on frequent backups, plus Shadow Copies, plus Auditing, plus a lot of user education
                    Tom Jones
                    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                    PhD, MSc, FIAP, MIITT
                    IT Trainer / Consultant
                    Ossian Ltd
                    Scotland

                    ** Remember to give credit where credit is due and leave reputation points where appropriate **

                    Comment


                    • #11
                      Re: Permissions Problem

                      Ye, seems like the answer lays on users education\actions against offenders.

                      i also belive that there are third party software that can do what i want, like DLP systems. but they're veryyyyyyyy expensive.

                      thanks for your help

                      Comment


                      • #12
                        Re: Permissions Problem

                        No problem - sorry I can't provide a "magic bullet"
                        Tom Jones
                        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
                        PhD, MSc, FIAP, MIITT
                        IT Trainer / Consultant
                        Ossian Ltd
                        Scotland

                        ** Remember to give credit where credit is due and leave reputation points where appropriate **

                        Comment

                        Working...
                        X