[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Folder Permissions - should be easy but I am really confused

Posted on 2006-07-24
3
Medium Priority
?
233 Views
Last Modified: 2008-03-06
I have a security group called Users and a group called Bosses

I have a network share called PROJECTS with lots of subfolders,  general permissions are defined at the root level of the PROJECTS folder and are inherited through subfolders.

Within a typical subfolder called PROJECT1 the USERS have the following permissions
Modify - Read & Execute - List Folder Contents - Read - Write
all of these are Checked off.  Full control is not Checked off.

BOSS is a subdirectory of PROJECT1 and the Bosses want this folder to be read-only to the USERS but modifiable to members of BOSSES

Only the Bosses are members of the BOSSES group, but everyone is a member of the USERS group - including the Bosses.

I can't really modify the share permissions as the whole PROJECT is shared not just this subfolder.  So I have to use NTFS permissions

The first thing I would do is go to advanced security for the BOSS folder and disable inheritance and select Copy keeping the original permissions

I would add the BOSSES group to the permissions of the BOSS folder and grant modify or full control.  

But how do I configure it so that the BOSS folder or its contents can be read but not modified by anyone in the USERS group who is not also a member of BOSSES

I can't (and probably should not) use Deny in the USERS permissions as this would deny the BOSSES as well, Deny takes precedent over allow...

This is surely a common request - but I am stumped

I need idiot proof instructions - like check this, uncheck this

TIA - TOMG






0
Comment
Question by:Tgilbert
3 Comments
 
LVL 2

Expert Comment

by:UnifiedIT
ID: 17170771
You should not have to use Deny, just change the permissions on the USERS group so the only items checked are
Modify
List and Execute


Add the boss group and give that group Full Control

Even though the members of Boss'es are also members of user's, there higher permissions will take over and allow them full access


0
 

Author Comment

by:Tgilbert
ID: 17171780
Wrong - You are not helping - I need specific accurate instructions

You said
just change the permissions on the USERS group so the only items checked are
Modify
List and Execute

While there is a Modify at the non advanced mode - as soon as you select Modify you also select all the others Read & Execute - List Folder Contents - Read - Write so you can't select only Modify

There is no option in either non advanced nor advanced called List and Execute

Please try again - TOMG

0
 
LVL 13

Accepted Solution

by:
2hype earned 360 total points
ID: 17172399
On the Bosses folder you would go into Advance and Uncheck Inherit from parent.

You would go back to the security screen and give Bosses Modify Permissions.  You would the give users read and execute permissions.

Therefore, Users can only read and execut the files.  Bosses can Read, Execute and Modify any file in the directory.  A user who is both memeber of the Bosses and Users would also have Read, Execute and Modify.

You would not deny anything.
0

Featured Post

Learn to develop an Android App

Want to increase your earning potential in 2018? Pad your resume with app building experience. Learn how with this hands-on course.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
An article on effective troubleshooting
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
There may be issues when you are trying to access Outlook or send & receive emails or due to Outlook crash which leads to corrupt or damaged PST file. To eliminate the corruption from your PST file, you need to repair the corrupt Outlook PST file. U…

640 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question