[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Allow users to delete files/folders but not add

Posted on 2007-11-17
5
Medium Priority
?
228 Views
Last Modified: 2013-12-04
We are in the process of transferring our files into a document management system.   We currently have them stored in folders on a network share.   I need to make all of the existing folders/files read only so that the users can open the files, make changes to them and then save them into the document managament software.   I do not want them being able to save back to the network share.   However, i do want for them to be able to go in and delete the file/folder from the network share once the file is successfully transferred into the document management software.   What is the best way to accomplish this?
0
Comment
Question by:jjrunner
  • 3
  • 2
5 Comments
 
LVL 5

Expert Comment

by:pavaneeshkumar
ID: 20304849
Provide only read and delete permision from the security tab for the shares folder
0
 

Author Comment

by:jjrunner
ID: 20304875
And this is best done by using the advanced tab for the nfts permissions?  Is it best to create a new security group and assign the correct rights to this new group? and do I need to i need to change or remove any of the permsission that are given to the normal users group?  The normal users group has special permissions that i dont think i can change.  I would need to remove this group i believe.
0
 
LVL 5

Expert Comment

by:pavaneeshkumar
ID: 20304933
creating a new group is a good choice, but u need to remove the permission given to the other groups other wise they may override the permission given to this new group.
0
 

Author Comment

by:jjrunner
ID: 20304947
ok, that should be no problem.   There are hundred of thousands of child objects so i want to make sure the changes filter down correctly.   I have seen three places to select options about child permissions.  On the advanced settings tab, there is a checkbox to allow inheritable permissions from the parten to progate.....I am assuming this needs to be unchecked.

Right under that is a checkbox to replace permission entries on all child objects with entries shown here....does this need to be checked?

If you click to edit the advanced permissions, there is another checkbox at the bottom of that screen to apply these permissions to objects and/or containers within this container only.   Does this need to be checked?


0
 
LVL 5

Accepted Solution

by:
pavaneeshkumar earned 2000 total points
ID: 20305001
>>checkbox to allow inheritable permissions from the parten to progate.....I am assuming this needs to be unchecked.

Yes u need to uncheck this

>>Right under that is a checkbox to replace permission entries on all child objects with entries shown here....does this need to be checked?

this needs to be checked this will replace permission on all the objects recursively

>>If you click to edit the advanced permissions, there is another checkbox at the bottom of that screen to apply these permissions to objects and/or containers within this container only.   Does this need to be checked?

Do not check this, coz it will aply the permission only on the object thos are in this folder means permission will not propagete to the files/folder under its sub folders.


0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question