Windows 2000 server

Posted on 2005-05-03
Last Modified: 2010-04-14
Can i find help from anyone...

my problem is i have logical drive in my server called project and in this driver there are folders from 1996 folder to 2005 folder..this morning when of the users claims that a lot of folders from 2003 missing i went throw the folders i found all the missing folders from 2003 in 2002 ,i don`t know if it is a virus or somebody moved them
my question is there anyway to stop users to move folders from A TO B or to delete ,
or can i have the trace of anyone who did a mistake volontary or unvolontary...
thank you very much
Question by:asaidi
    LVL 9

    Expert Comment

    You can do that by changin NTFS permissions on the folder. If you righ-click the folder -properties-security-advanced-select group you want to change. In the list of permissions you have "delete subfolders" If you set it to deny then they will not be able to delete folders.
    LVL 16

    Expert Comment

    You best solution would be to implement Active Directory Users and Groups.  You can then set specific permissions for Groups of people to allow some to be able to create, edit etc, some to just save work, whilst still allowing Administrators full rights to move things.  With this you could be able to prevent User A opening User B's documents if required.

    Also I think you need to ensure you have a working disaster recovery schedule running on that server.  It sounds like if it fell over you would lose 10 years work.  I have been involved with companies where they lost years of data even though they were backing up as they were using propietry backup software which we had to locate at any cost as the only copy they had was on the server (Don't you love these Manufacturers who send all their software on the drive and no accompanying CDs!!!)

    LVL 10

    Expert Comment

    You can also enable Auditing of Files [success and failure] to track user usage.

    You can either enable it through a GPO for all files servers or on just the one containing your data by using the Local Security Policy on that Server.

    Start -> Administrative Tools -> Local Security Policy

    Expand Local Policies -> Select Audit Policy

    In the right hand pane - Select Audit Object Access [enable success and failure]

    Goto a command prompt -> type secedit /refreshpolicy machine_policy

    Also you need to increase your System Security log as there is going to a considerably increase in the size.
    You might consider changing the way the log is handled when maximum log files size is reached.
    Thses are the options:

    Overwrite as needed
    Overwrite events older than x Days
    Do not overwrite events (clear log manually)

    Once that is done,

    go to the share/file/folder that needed to tracked..

    Goto Properties, and Auditing Tab, specify actions and Users/groups that need to be audited.

    LVL 16

    Accepted Solution

    Yeah i would do what wadski has mentioned if you do not already have a disaster recovery system implemented. We backup to a 1 Terabyte Lacie Firewire external drive. To set the permissions on the share folder in 2000 server right click on it and set the permissions for each specific user. Right click on the share folder> Properties > Sharing > Select the permissions tab > Then you can edit each user you want to just be able to read from the directory or have full control. Hope this helps

    LVL 16

    Expert Comment

    Sorry did not  know if you have got AD or not

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now