Solved

NTFS Permissions - Create Files/Folder no delete

Posted on 2007-03-19
2
2,767 Views
Last Modified: 2013-12-05
Goal: Allow a group to create files & folders in a share, but do not allow them to delete files or subdirectories (even ones they created).

Issue: unless they have "delete" they cannot rename the files/folders.  Apparently the rename option does not really allow them to rename unless delete is checked.  If they have delete they can delete their own items they've created and we don't want that.

Tested the Share rights with both:  Read/Modify and read only
NTFS permissions: all except delete, delete files and folders, change permissions, and take ownership.  Given this, the user is supposed to be able to rename files/folders.

Observed: "delete" must be checked to rename files/folders on the share.

Is this the way it works or am I missing something?

0
Comment
Question by:katfpi
2 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 25 total points
ID: 18750709
Just tested this on my system and you are correct.  Apparently, removing Delete and Delete Files and Folders from the NTFS permissions prevents changing the file/folder name.  Weird....BTW, just so you know, if you check both of these items, you also can't move a file/folder, so this must be the same issue.  I guess renaming the folder must trigger a background copy / paste with new name / delete original folder action.  I know this is what move does - the background action is really to copy the original folder / delete the original folder / paste the copy into the new location.
0
 
LVL 25

Assisted Solution

by:mikeleebrla
mikeleebrla earned 25 total points
ID: 18750864
no you are not missing anything.  As long as a user has 'modify' rights (which most will have so they can edit files) then they can also delete them (and also move them elsewhere by the way).  That is just the way the OS is designed.  Wierd i know.


>>(even ones they created).
if they created it, then they are the 'owner' and can do whatever they please.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Case Summary: In this Article we introduce the new method to configure the default user profile using Automated profile copy with sysprep rather than the old ways such as the manual copy of a configured profile to default user profile Old meth…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video discusses moving either the default database or any database to a new volume.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now