Restrict domain users from deleting a shared file or folder
Posted on 2006-04-25
Recentlly we had an incident with involuntary deleting of 800MB from MS Server 2003 by a domain user. We have a drive with NTFS which is shared for domain users and they should be able to create, read, write, modify files and folders, but not deleting them. I have tried with deny a file or folder delete through security tab, but then users can't modify. My idea was to deny only deleting of files, and if some user nonaccidentally wants to delete a file or folder - just to rename it with 4 zeros infront. Then in the end of the day an automatic script will run which will search files and folders with 4 zeros begining and delete them. Yes but NO, denying a file delete automaticaly deny file rename.
Please give me an advise how to prevent domain users from accidentaly deleting files from this drive, and in the same time to have all file/folder functionality.
10x a lot in advance!