[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 811
  • Last Modified:

Large Network FileSystem - Need to DISABLE drag and drog in explorer.

I have a client with a very large file system.   One of the biggest issues we have is users dragging and dropping folders or files accidentally into places they don't belong.  These users do NEED to have permissions on these files so I can't limit them that way.   Is there any way to disable drag and drop through group policy, or a regfix script deployed through active directory.  

Windows 2003 SBS Domain with XP Pro clients.
1 Solution
So you want the users to have read-only access to the filesystem?  Or are you asking how to get read/write, but only on files that already exist there?
1) RIGHT click on start button
2) select Properties
3) in "Taskbar and start menu properies" select the "Start Menu" Tab
4) Select "Customize" (doesnt matter if you are using the classic or general style)
5)Click on advance and scroll to search "Enable Drag and drop"
6) Uncheck it
7) Click Apply...

Isolate the registry entry it creates and use a login script or GP to deploy.  You could use the "reg" command to do a reg add "HKCU\SOFTWARE\Microsoft\Windows NT\<DATA>" /v 00036601 /t REG_BINARY /d 84010000 /f (as an example of syntax)
Actually, if you use the special permissions on the cluster, but dont select Delete, I think that should cover dragging and dropping, as it involves a read, a copy and then a delete. Dont know feasible this is, depending on howgranular your security is....
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

zreismanAuthor Commented:
JohnDem - Unfortunately that only disables drag and drop for the start menu.  But yes, that is essentially the idea I was looking for only, I need it to disable drag and drop in explorer / my computer

JohnB - I tried that originally, the problem is I don't want to actually restrict them from deleting / moving files.  Just to stop them from accidentally dragging directories into other directories thus causing havoc within the organization.
To accomplish what you are trying, you're gonna have to get messy with the permissions.  You'd have to define a policy that gave read/write access to the directory, but not copy or delete permissions.  Then, you'd have to define a different policy for the files inside the directory that allow full control.

A word of warning, though.  Defining custom permissions is very tricky.  Half the settings don't work as advertised.  I spend a few hours once trying to make a list for myself to know exactly what each thing did and what it depended on.  I gave up after a while of frustration, so I can't explain exactly what options you need to set/unset.  The few times when I have to define custom permissions, I just play around until I get something that works.  Then I promptly forget about it.
Forced accept.

EE Admin

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now