Allow create file to a folder, but deny write access to files in the folder via inheritance - possible?
Posted on 2007-08-08
Ok, I am having a bit of a hassle with some folder/file permissions in Windows 2003 Server, and curious if someone else has an idea. This is probably a simple solution that I am just missing. I have a folder which contains multiple (read: dozens) of files inside. I have a group of users I want to be to read all files in the folder, but cannot edit the existing files. However, I want to allow them the ability to edit and save the modified files as a new file, with a different name.
For example, I have folder A, with files 1 - 10 inside. I want to be able to allow a user to open up file 1, modify and save the file as 1-mod. The original file cannot be saved in the edited state.
Obviously I could just give read/write access to the folder, and implicitly deny write on each file, but all told there is over 3000 files in various folders I need to do this for as well as new files placed in on a daily basis by multiple people, so its not a reasonable option to manually set write-deny on each file. Is there another solution that would give the same effect, but would be set up via inheritance?