Solved

Allow users to delete files/folders but not add

Posted on 2007-11-17
5
221 Views
Last Modified: 2013-12-04
We are in the process of transferring our files into a document management system.   We currently have them stored in folders on a network share.   I need to make all of the existing folders/files read only so that the users can open the files, make changes to them and then save them into the document managament software.   I do not want them being able to save back to the network share.   However, i do want for them to be able to go in and delete the file/folder from the network share once the file is successfully transferred into the document management software.   What is the best way to accomplish this?
0
Comment
Question by:jjrunner
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:pavaneeshkumar
ID: 20304849
Provide only read and delete permision from the security tab for the shares folder
0
 

Author Comment

by:jjrunner
ID: 20304875
And this is best done by using the advanced tab for the nfts permissions?  Is it best to create a new security group and assign the correct rights to this new group? and do I need to i need to change or remove any of the permsission that are given to the normal users group?  The normal users group has special permissions that i dont think i can change.  I would need to remove this group i believe.
0
 
LVL 5

Expert Comment

by:pavaneeshkumar
ID: 20304933
creating a new group is a good choice, but u need to remove the permission given to the other groups other wise they may override the permission given to this new group.
0
 

Author Comment

by:jjrunner
ID: 20304947
ok, that should be no problem.   There are hundred of thousands of child objects so i want to make sure the changes filter down correctly.   I have seen three places to select options about child permissions.  On the advanced settings tab, there is a checkbox to allow inheritable permissions from the parten to progate.....I am assuming this needs to be unchecked.

Right under that is a checkbox to replace permission entries on all child objects with entries shown here....does this need to be checked?

If you click to edit the advanced permissions, there is another checkbox at the bottom of that screen to apply these permissions to objects and/or containers within this container only.   Does this need to be checked?


0
 
LVL 5

Accepted Solution

by:
pavaneeshkumar earned 500 total points
ID: 20305001
>>checkbox to allow inheritable permissions from the parten to progate.....I am assuming this needs to be unchecked.

Yes u need to uncheck this

>>Right under that is a checkbox to replace permission entries on all child objects with entries shown here....does this need to be checked?

this needs to be checked this will replace permission on all the objects recursively

>>If you click to edit the advanced permissions, there is another checkbox at the bottom of that screen to apply these permissions to objects and/or containers within this container only.   Does this need to be checked?

Do not check this, coz it will aply the permission only on the object thos are in this folder means permission will not propagete to the files/folder under its sub folders.


0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now