Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Removing File Deletion Privileges in Windows Server 2000

Posted on 2004-09-12
4
Medium Priority
?
197 Views
Last Modified: 2013-12-04
i have been asked to remove a group's delete file privilges from a set of files in a particular directory, while allowing them to retain read, write, and execute.  these files are typically word files or excel files.  in my test, after changing privileges to the directory, when i double-click the word file i wish to make changes to and try to perform a save-as i receive error messages because word is attempting to delete the .tmp files it has created in the directory i have just relinquished file deletion privileges from.  assigning privileges on a file by file basis is not an option, as there are over 1000 files in this one directory alone and users will be creating new files from original files that they open.
0
Comment
Question by:NetNeedy
4 Comments
 
LVL 97

Expert Comment

by:Lee W, MVP
ID: 12039169
My understanding of how word works:

You open file, Word Reads it and creates a temp file in the same directory that the word document is in
When you save the file word Deletes the original and rewrites it.
When you leave word properly, it deletes the temp file.  In short, to maintain editing ability and to create new documents, you will not be able to remove "delete" privilages.

See
http://support.microsoft.com/default.aspx?scid=kb;EN-US;211632
0
 
LVL 86

Expert Comment

by:oBdA
ID: 12039189
That's not really possible; what's the point anyway? If a user has write access to a file, he has the means to delete it (by removing the contents and saving the file). It might of course be desirable to prevent accidential deletion in Windows Explorer, while allowing changes through the program, but how is the OS supposed to tell an "accidential" deletion from a wanted one?
0
 
LVL 5

Accepted Solution

by:
ralonso earned 1500 total points
ID: 12042722
the best you can do is the following:
assign delete rights to CREATOR_OWNER

That way only the creator can delete the (temporary) files.

otherwise you'll get stuck with loads of temp files.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12044956
AFAIK word's *.tmp files are placed in the directory specified in the TMP or TEMP environment variable, only if the variable is missing . will be used
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
OfficeMate Freezes on login or does not load after login credentials are input.
Integration Management Part 2
Loops Section Overview
Suggested Courses
Course of the Month12 days, 8 hours left to enroll

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question