We had a customer that was running Windows NT server before we moved them onto their new server with Windows 2000 Server. We did not copy the permissions across and so had to rebuild them.
The problem is that previously in Windows NT, the customer was able to restrict deletion in the shares they had. Only the deleting was not allowed BUT everything else was allowed like modifying, renaming, creating files and folders. NOW with Windows 2000 we can't seem to ge the same permission as was allowed under Windows NT. If we gave them access to modify, they are still able to delete files and folders in the share. I tried playing around with the various permission and security settings under both the folder (share) and file level access. Have even gone to the advanced security settings to select the appropriate security settings but the closest I have come to is that users cannot delete BUT also cannot rename files that they create though they can still modify them.
What I want is the user to have ALL other rights, access, permission and security to do anything with the files and folders under the share except deleting. They SHOULD NOT have the permission to delete anything under the share as it is shared with other users and its a headache to restore from backups. Under Windows NT this was simply to do by unchecking delete but I have found out it is not so easy under Windows 2000. I just can't find the right mix and match of rights to give the users everything except the power to delete data (even the data they create. Even though they are creator or owner, should not be able to delete too)