Advertisement

02.08.2007 at 12:39PM PST, ID: 22155525
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
6.8

FIle share permissions problem in  Windows Server 2003

Zones: Active Directory, Windows 2003 Server, Microsoft Operating Systems
Tags: 2003, server, windows, share, file
Somehow I have destroyed my file share permissions on my Windows 2003 server and no matter what I do I cannot resotre them properly.

I have about 3000 file folders on the server, and document files within each.  I wish to grant full permissions to each user on the network to read, write, change, ect.

Somehow, while experementing with settings, I made some changes and now some folders and other documents within folders are not all accessable from every client (all Windows XP home edition).   I can not figure out what the dependent variable is that makes some files accessable and others not.  While perhaps barking up the wrong tree, I wonder if it is either an ownership problem, or one having to do with different original authors of the files/documents.  I say this because some documents within the same folder are accessable and others are not.

By the way, almost all the documents are scans, split evenly between pdf's and TIFF's.

I have tried to set the security and sharing permissions so that "administrators," "all users," " everyone" and each individual user all have full permissions.  Yet some files and  documents are still inaccessable.

I did this successfully once, I should be able to do it again.  But for the life of me I can not figure out what is missing.  I don't mind if you make is easy at the expense of security.  I just wish to make all files and documents available to every user on the network.
Start your free trial to view this solution
Question Stats
Zone: Software
Question Asked By: jamesschwartz
Solution Provided By: 65td
Participating Experts: 1
Solution Grade: A
Views: 221
Translate:
Loading Advertisement...
02.08.2007 at 01:12PM PST, ID: 18497246

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.08.2007 at 01:37PM PST, ID: 18497421
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.08.2007 at 01:59PM PST, ID: 18497608

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.08.2007 at 02:06PM PST, ID: 18497666
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.08.2007 at 02:11PM PST, ID: 18497709

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 06:25AM PST, ID: 18501338
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 06:53AM PST, ID: 18501575

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 07:32AM PST, ID: 18501916
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 07:38AM PST, ID: 18501977

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 07:59AM PST, ID: 18502182
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 10:13AM PST, ID: 18503321

Rank: Guru

65td:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
02.09.2007 at 11:38AM PST, ID: 18503933
jamesschwartz:

All comments and solutions are available to Premium Service Members only.

Start your 7 day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Handhelds / PDAs
  • Displays / Monitors
  • Components
  • Networking Hardware
  • Peripherals
  • Laptops/Notebooks
  • Storage
  • Servers
  • Desktops
  • New Users
  • Misc
  • Apple
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMWare
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMWare
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Community Advisor
  • Lounge
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • Community Advisor
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
02.08.2007 at 01:12PM PST, ID: 18497246

Rank: Guru

65td:
On the data drive at the root right select, properties, security, advanced button , owner tab, have the administrators local group take ownership (may take a while).

Once done at the root give Administrators and System Full control.  Select Replace permissions entries on all child objects....

Then give the users Change or less. Where required
I would recommend not allowing users full control only change /modify should be adequate.
Accepted Solution
 
02.08.2007 at 01:37PM PST, ID: 18497421
jamesschwartz:
Thank you.  This worked.  I was reluctant to check the box "Replace permission entries on all child objects ..."  because I did not want to screw anything up.  But that did the trick.

Regarding restricting useres, specifically what settings should I use if I wish  users to be able to add documents and create folders, but not delete any documents or folders?
 
02.08.2007 at 01:59PM PST, ID: 18497608

Rank: Guru

65td:
Before allowing users any access ensure at folders below the root that AdministratorS (not administrator) and system have permissions inherited at that folder (greyed out and listed as inherited).

Then at the folder or folders right select properties, security, select the Add button, add the group or user, select Modify (in box below), then select the Advanced button, highlight the user, then select Edit button, unselect Delete check box.  Select OK.

Go back and review settings and ensure change was made correctly, Then using a test user, test out the access.

Be advised the above settings do not work well with MS Office (Word, Excel, etc)  see the web for details.
 
02.08.2007 at 02:06PM PST, ID: 18497666
jamesschwartz:
Thanks much. I will try this tomorrow (late for a meeting now) and provide feedback here.
 
02.08.2007 at 02:11PM PST, ID: 18497709

Rank: Guru

65td:
Enjoy the meeting.
Let me know.
 
02.09.2007 at 06:25AM PST, ID: 18501338
jamesschwartz:
I am having difficulty executing your recommendations.  Perhaps a detailed description of my file structure and what I could and could not do will help.

Partition F has six folders, one of which is called Old Records.  Within Old Records are about 3,000 individual folders, each of which contains files, mostly pdf and TIFF scans.  It is these individual folders (and their contained files) that I wish to prevent deletion of.

You said: Before allowing users any access ensure at folders below the root that AdministratorS (not administrator) and system have permissions inherited at that folder (greyed out and listed as inherited).

I understood the term "root" to mean partition F and "folders below the root" to mean my folder titled Old Records.  Under Advanced Security Settings for Old Records, AdministratorS and System are both listed as Inheretid from F:\.  I am not exactly certain what "greyed out" means, however under the Security tab of Old Records Properties, the permissions are greyed out. For Administrators, Full Control and Modify are unchecked (all other permissions are greyed out and checked).  For System all permissions are greyed out and checked except Special Permissions, which is greyed out and unchecked.

You Said: "Then at the folder or folders right select properties, security, select the Add button, add the group or user, select Modify (in box below), then select the Advanced button, highlight the user, then select Edit button, unselect Delete check box.  Select OK."

Your description is what shows for Everyone and Users.  I suspect this is because (and here is where I might have done something wrong) I first set the permissions at F:\ by  right clicking Sharing and Security, choosing the security tab and setting the permissions there, also checking the box at the bottom that applies the permissions to all sub folders.  I uncheced the Delete permission for :Administrators, Creator Owner, Everyone and Users.  I did not unckeck the Delete permission for System (I am too niave to tell you why I left the Delete permission for System - I just did).

Now, although Delete shows as unchecked for the permissions on the daughter folder Old Records, as well as for all the subfolders within, I am still able to delete files from a workstation, which is the very thing I am endevoring to prevent.

Thanks and PS: I would be happy to repost this question with another point award,  just let me know.
 
02.09.2007 at 06:53AM PST, ID: 18501575

Rank: Guru

65td:
Let's go back one step.  At the F drive check security ensure Administrators and System have full control.
If inheritance is on then looking at folders inside of "Old Records" administrators and syatem should have full control.

How do the users access the files?  Through a share or unc (\\servername\foldername)?

Did you run your test as you (Adminstrator) or as a test user?

Is the server part of a domain or a stand alone file server?
 
02.09.2007 at 07:32AM PST, ID: 18501916
jamesschwartz:
In the F drive, Administrators did not have full control and so  I checked this box an applied. System did have full control. I went back to Permissions tab in the Advanced button and re propagated the permissions through the daughter folders. Now in the daughter folders Administrators and System are listed as having full control.

When I first set up the server, I had trouble with network access until I figured how to create users and give them passwords.  Then the server files were accessible.  But then from some workstations a user name and password is required to access the files and from others I can navigate to the files without a user name and password.  So  I am a bit confused on this point and I am willing to make redo it properly, if I knew how.

Regarding how I test, I logged on from one of the workstations that does require a user name and password.  I logged on as one of the other users, thinking perhaps my logon account is an administrator.  Yet I am still able to delete files. Could I have created every user as an administrator?  I went to the properties of the users and I see no place to designate the level of users.  I did note that each user I created is a member of the group called "Users."

The server is a member of a workgroup, but not a domain.
 
02.09.2007 at 07:38AM PST, ID: 18501977

Rank: Guru

65td:
On the server open Computer Mangement, Local Users and Groups review the Administrators group, ensure only those who should have administrative access are there.

How is the "Users" group permissioned on the folders?
 
02.09.2007 at 07:59AM PST, ID: 18502182
jamesschwartz:
In Groups, the only member of Administrators is Administrator.  The users only appear in the Users group.

In the Old Records properties, Users have the following permissions (greyed): Read and Execute, List Folder Contents, Read, Write, Special Permissions - in other words all but Full Control and Modify.  

In the Advanced Security Settings, the users have all but Full Control and Delete, and these are also greyed.  Eruika (maybe): Delete Subfolders and Files is checked.
 
02.09.2007 at 10:13AM PST, ID: 18503321

Rank: Guru

65td:
I'd say you got it!?
 
02.09.2007 at 11:38AM PST, ID: 18503933
jamesschwartz:
I did!  Thanks so much for all your help.  

The bad news is that in the end I do not think the OS will allow me to do exactly what I want, because it lumps all the ways to create new files in with delete.  Thus, I can either lock down the files so users can only view them, or I can allow users to create (scan-in, print to pdf and rename), copy,  paste and move, but also accidentally delete.  Would you agree with this?  Unfortunate, because it seems such a logical task: to allow all kinds of creation (move files into folders, create new folders, etc) but no deletion.
 
 
20080236-EE-VQP-29