Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 153
  • Last Modified:

Modify files in share but do not allow new files to be written.

Microsoft shop
Servers are 2003 / Clients are XP (SP2)

Share is on a 2003 server, need to allow certain users the ability to modify existing documents in the share but not create new ones or delete existing ones.

Current settings:
SharePermissions:
Domain Users (Read)
Domain Admins (Full)
Programming Group (Change/Read) - This is the one with the needed permissions.
DocControl Group (Full)

SecuritySettings:
Domain Users (Read)
Domain Admins (Full)
Programming Group (Traverse Folder / Execute File, List Folder / Read Data, Read Attributes, Read Extended Attributes, Create Folders / Append Data, Read Permissions)
DocControl Group (Modify)

Any thoughts
0
shoemakerbrian
Asked:
shoemakerbrian
  • 2
1 Solution
 
Toni UranjekConsultant/TrainerCommented:
You won't be able to modify files with this NTFS permissions. You need Write permission to modify existing documents, Append Data will not help, unfortunately. When you change file special NTFS permission Write Data, Write Attributes and Write Extended attributes should be set to Allow!
0
 
beckman55Commented:
NTFS and Share permissions will cancel each other out in a way.  Rather than get into explaining how....my instructor recommended to me to set SHARE permissions to everyone FULL CONTROL....then use just the NTFS permissions to restrict access.  Then there is no thinking of if share=read and NTFS=write what is the final result.   I hope that makes sense.  

If you need more info let me know.
0
 
Toni UranjekConsultant/TrainerCommented:
Using Everyone Full Control permission is bad security practice. If possible Everyone should be removed and "Authenticated users" group used instead.
0
 
shoemakerbrianAuthor Commented:
Actually what I did was wrote a vbscript to assign permissions to the files themself and left the directories alone.

Thank you for all your assistance though.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now