Solved

NTFS Permissions to allow delete of file, but not delete of file if done from containing folder

Posted on 2009-03-30
4
1,207 Views
Last Modified: 2013-12-02
Our file server contains many MS Word and Excel files, which need to be able to be deleted to allow editing. ie temp doc with changes. On save the old file is deleted. The new one is renamed with filename.

I have set for only files to be able to be deleted, but not folders. The issue arises that if someone clicks delete on the folder containing  the files then the files delete until an error pops up when a folder or the containing folder cannot be deleted.
* This also occurs if an accidental drag and drop of a folder is made and contents are moved until a folder that cannot be moved is reached.

 Is there a way to only allow files to be deleted if they are explicitly selected for deletion?
0
Comment
Question by:littlehogarth
  • 2
  • 2
4 Comments
 
LVL 18

Accepted Solution

by:
BigSchmuh earned 500 total points
ID: 24062052
You can set NTFS permissions on files depending on the ACL (Access control List is a list of Users, Groups and SpecialSystemComponents and their specific rights on each files/folders)

The user/group/context does not change depending on a "File selection"...so NTFS permissions can NOT DO what you want it to :-(

One smart hack can be to create a zero length hidden non-deletable file named !!!.txt in every folder.
==> ! is ascii (33) and will be moved/deleted at the earliest stage possible...thus blocking every "folder move/deletion"
0
 

Author Comment

by:littlehogarth
ID: 24256852
Thanks mate, your hack of using !!!.txt works ok. Trust Microsoft to create file types that need delete capability just to edit. Fits nicely with their NTFS file permissions.

The issue remains that if a user accidently drags a folder (1) and drops it on to another folder (2) then a new folder (copy of 1) is created in folder (2) even though the !!!.txt stops any files from transferring.
Therefore I get:
C:/folder 1/(files)
C:/folder 2/folder 1/(empty)        

Another issue is how to assign permissions to !!!.txt so the owner of the folder can still move the folder.  
0
 
LVL 18

Expert Comment

by:BigSchmuh
ID: 24258147
Can you write an admin procedure to periodically scan the full drive seeking for :
-empty folders to be deleted (you don't care if this is not a copy because an empty folder is always a very frustrating folder)
-folders without their !!!.txt...assigning specific NTFS permissions (depending on folder owner) to it

Using WSH or VBA or any script based languages would perfectly worked and allow for a basic maintenance.
0
 

Author Closing Comment

by:littlehogarth
ID: 31618487
Thanks BigSchmuh. Great suggestions. I'll flex my scripting muscle and see if I can get a positive result.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Problem: Windows 32bit running out of paging space. Solution: Add additional page files on separate partitions. Background: By default Windows creates only one page file on the partition you install Windows on. You may know that the maximu…
Hello, As I have seen there a lot of requests regarding monitoring and reporting for exchange 2007 / 2010 / 2013 I have decided to post some thoughts together and link to articles that have helped me. Of course a lot of information you can get…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now