Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 478
  • Last Modified:

deny delete allow change permission fails

Trying to allow users to add, read, modify but not delete
files on a win 200 advanced server using Active Directory.
In the advanced file settings for the folder, I have
removed the delete permissions and added deny permissions
some files refuse to save under the original file name at this point,
offering a temporary name instead. In the end one file
will become many different files. The permissions work
with an ordinary text file.

Do you have an idea why?

May I know the diference between Share permission and Security permisions

Please send me response to cmoreno@tatungmx.com, instead of Juan Tsokanis, he is my boss and I don't want to bother him.

  • 3
2 Solutions
share permissions are set once at the share root, and apply to every file/directory in the share - they also only apply when the data is accessed over the network.

NTFS (security) permissions can be defined individually for every file/directory - they apply no matter how the data is being accessed

If they are both being used (ie. when over a network) the MOST restrictive of the two wins out

ie. NTFS is Full, Share is Read - when I access over the network I have READ
NTFS is Ream, Share is Full - when I access over the network I have READ

- for what you're doing, I would share with Full Control, and use NTFS to tweak the permissions
ps. it's against the EE rules to answer questions off-site...gotta keep it in EE
This won't work. "Modify" includes "Delete". What would be the point of separating them? If you can modify a file, you can modify it to contain plain nothing, the difference to deleting it being marginal.
in the 'advanced' permissions, it gives you the impression that this will work ("write data" and "delete" are separate permissions) however; in practice I believe that the reason it won't work is because, when you edit a Word document, it creates a temporary file..then when you save the data, it tries to delete the temporary file (which it can't). You may be noticing a bunch of .~tmp files in that directory...

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now