Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Modify files in share but do not allow new files to be written.

Posted on 2006-11-22
4
Medium Priority
?
150 Views
Last Modified: 2013-12-04
Microsoft shop
Servers are 2003 / Clients are XP (SP2)

Share is on a 2003 server, need to allow certain users the ability to modify existing documents in the share but not create new ones or delete existing ones.

Current settings:
SharePermissions:
Domain Users (Read)
Domain Admins (Full)
Programming Group (Change/Read) - This is the one with the needed permissions.
DocControl Group (Full)

SecuritySettings:
Domain Users (Read)
Domain Admins (Full)
Programming Group (Traverse Folder / Execute File, List Folder / Read Data, Read Attributes, Read Extended Attributes, Create Folders / Append Data, Read Permissions)
DocControl Group (Modify)

Any thoughts
0
Comment
Question by:shoemakerbrian
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
Toni Uranjek earned 750 total points
ID: 17999174
You won't be able to modify files with this NTFS permissions. You need Write permission to modify existing documents, Append Data will not help, unfortunately. When you change file special NTFS permission Write Data, Write Attributes and Write Extended attributes should be set to Allow!
0
 
LVL 1

Expert Comment

by:beckman55
ID: 20304989
NTFS and Share permissions will cancel each other out in a way.  Rather than get into explaining how....my instructor recommended to me to set SHARE permissions to everyone FULL CONTROL....then use just the NTFS permissions to restrict access.  Then there is no thinking of if share=read and NTFS=write what is the final result.   I hope that makes sense.  

If you need more info let me know.
0
 
LVL 31

Expert Comment

by:Toni Uranjek
ID: 20307383
Using Everyone Full Control permission is bad security practice. If possible Everyone should be removed and "Authenticated users" group used instead.
0
 
LVL 1

Author Comment

by:shoemakerbrian
ID: 20316837
Actually what I did was wrote a vbscript to assign permissions to the files themself and left the directories alone.

Thank you for all your assistance though.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question