Here is my current, simple security structure right now on my windows 2000 server (hostname - jefferson).
Group - sdc users (members - everyone in the company)
Group - sdc dba's (members - 6 dba's in the company)
Group - sdc dev's (members - 4 dev's in the company)
I have a user George Bush, who belongs to the sdc users group and the sdc dba's group.
I am trying to limit access to the following file on my server to allow only sdc dba's. (s:\shared\test-dir\APC\apc_folio.xls).
So I went into the file permissions for this file and unchecked the "allow inheritable permissions from parent to propagate to this object" box and then added the administrators group and the sdc dba's group to the list of objects that are allowed to access this file.
I then go to george bush's computer and map a drive to \\jefferson\shared. Then, navigate to the apc_folio.xls file and try to open it and can't. I get the following error: "Cannot access read-only document 'aps_folio.xls'"
If I change the file permissions to allow "sdc users", george bush can access the file without a problem.
What am I missing here.