• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 551
  • Last Modified:

Can't remove read only attributes from Windows Explorer on all directories within the server

I have just added a new domain to my network and installed a new windows 2003 server.  All my users have moved over to the new domain and can access their mail however when they try accessing their files they get the access is denied message on their screens.  After looking at the server all the directories within the root drive are all set to "read only" and when I uncheck the tick box I get the question do u want to change all the sub-directories as well, so I apply these setting and the read only disappears but when I go back into that file the read only is still checked (grey).  I have tried all the suggestion on this website but I'm not getting anywhere and need this to be sorted ASAP.  Please can some help. I've read the MS articles but they don't help either.  I have also tried removing the shares and reapplying with the correct permissions but that also does not help.

Please can some get back to me ASAP


1 Solution
Pete LongConsultantCommented:
All Folders Are Read only?

The square (or greyed out check mark) for a folder means NOTHING, NO CHANGE, WAITING
FOR YOU TO USE ME.  This is because the read-only box in a folder's properties is
only used to apply or remove the read-only setting from all of the folder's files
at once. If you clear the box and click Apply, then the files in the folder will
be cleared of any read-only attributes they have. Like wise for checking the box
to apply the attribute to all files.  The square reappears the next time because,
once again, you haven't used it.

FOLDERS do NOT have a functional read-only attribute in Windows.  The read-only attribute
is only for files.  The read-only check-box for folder properties is a bad and confusing
design.  If you want to avoid read-only confusion, check individual files, ignore

Windows file systems actually use the read-only attribute for a folder to make it
customisable, but the checkbox in a folder's properties has nothing to do with that.
 You cannot prevent a folder's contents from being changed using the read-only attribute.
 You can read more about that here:    


From http://www.annoyances.org/exec/forum/winxp/1065399208
prakashshahAuthor Commented:
Thanks for that however none of my users can edit or add files within these folders which is becoming a major problem.  I have tried a number of solutions that have been commented on this web site and solutions on microsoft's website but I'm still get nowhere.

Please help


I set the permissions on the shares on a group basis per dept.
Ie you may have users in accounts dept who you want to have the change amend atrributes of the accounts share, called say accounts1
and users within say admin who need say read only access of the accounts1 share.
In the above scenario all users would have read only access to the accounts1 share via their default membership to the authenticated users group and everyone group.

You could create 2 security groups, one called
Accounts1 amend (for arguments sake)
and one called
Admin Accounts (you get the idea though)

Remove Authenticated users and the everyone group from the Accounts1 share.
Obviously leave in your Domain admins etc.
Add the 2 newly created security groups above to the Accounts1 share.
Make sure that the Admin Accounts group have only read only access,
And give the
Accounts1 Amend the required permissions to allow them to add/amend/delete/files/folders/ or what ever it is you require, only you will know what permissions they need.

On the security Tab of the share
Click Advanced
On say the Acounts1 Amend group
Select Edit
Then change the permissions as required
>>>DONT FORGET TO select the correct drop down<<<
This Folder Only
This Folder SubFolders and Files (Probably your best bet to get you up and running)
Files Only
There are a few options in here which you can select and as above only you will know what access you want to give it.

You could if you wanted Leave the Authenticated Users group in and leave it as read only which will give everyone who is NOT A MEMBER OF ACCOUNTS1 AMEND only read access
Everyone who is a member of Accounts1 amend will get what ever permissions you assign to that group.
Or you can simply give the Authenicated users group what ever add/amend/delete/files/folders you wish.


Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now