akhonnet
asked on
setting folder permission in win2000
i want my users not to create or delete files in my c: drive so i gave them read permissions, now the problem comes while running the installed programs such as TC. while running TC it gives error "not able to initialise or write to C:\Documents and Settings\username\Local Settings\temp..."
how do i give permissions so that i can avoid users to change system file or create file & folders in c: drive, also my users should not face problems in running the installed programs like TC or MSOFFICE or Visual studio.
how do i give permissions so that i can avoid users to change system file or create file & folders in c: drive, also my users should not face problems in running the installed programs like TC or MSOFFICE or Visual studio.
Users need to have write permissions to their own profile directories at the very least: You should check out the permissions on each of the profile foldders in "c:\documents and settings".
When you say you don't want users creating files in c:\, do you mean in the entire drive? Or just in the root directory? If you only want to prevent them from creating files in the c:\ root, set Permissions as follows:
Grant Everyone Read and Execute permissions to C:\ in the Security Tab of C:\ properties.
Click Advanced
Click Add, select Everyone
In the box which gives you the options to select permissions, select "Subfolders Only" from the "Apply To:" drop-down box.
Check all permissions boxes for Allow (Full Control).
That will prevent users from creating any files or folders directly in c:\, but still allow them to write to the rest of the directory tree.
When you say you don't want users creating files in c:\, do you mean in the entire drive? Or just in the root directory? If you only want to prevent them from creating files in the c:\ root, set Permissions as follows:
Grant Everyone Read and Execute permissions to C:\ in the Security Tab of C:\ properties.
Click Advanced
Click Add, select Everyone
In the box which gives you the options to select permissions, select "Subfolders Only" from the "Apply To:" drop-down box.
Check all permissions boxes for Allow (Full Control).
That will prevent users from creating any files or folders directly in c:\, but still allow them to write to the rest of the directory tree.
ASKER
yes i've full access to the c: drive. i've multiple domain users using the same system, if i give the users permission to write inside the system folders them they may play with the system files, and without giving them the access, the users are not able run applications like officeXP, also users using visual studio can't add components to the applications, and for that i've to give them power user rights or admin rights.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Check out this url http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prkc_fil_vtmz.asp to see the advanced permissions you can set for users. Also the C:\Documents and Settings\username folder should have had specific permissions for your user account and administrators only.