• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1222
  • Last Modified:

NTFS Permissions to allow delete of file, but not delete of file if done from containing folder

Our file server contains many MS Word and Excel files, which need to be able to be deleted to allow editing. ie temp doc with changes. On save the old file is deleted. The new one is renamed with filename.

I have set for only files to be able to be deleted, but not folders. The issue arises that if someone clicks delete on the folder containing  the files then the files delete until an error pops up when a folder or the containing folder cannot be deleted.
* This also occurs if an accidental drag and drop of a folder is made and contents are moved until a folder that cannot be moved is reached.

 Is there a way to only allow files to be deleted if they are explicitly selected for deletion?
0
littlehogarth
Asked:
littlehogarth
  • 2
  • 2
1 Solution
 
BigSchmuhCommented:
You can set NTFS permissions on files depending on the ACL (Access control List is a list of Users, Groups and SpecialSystemComponents and their specific rights on each files/folders)

The user/group/context does not change depending on a "File selection"...so NTFS permissions can NOT DO what you want it to :-(

One smart hack can be to create a zero length hidden non-deletable file named !!!.txt in every folder.
==> ! is ascii (33) and will be moved/deleted at the earliest stage possible...thus blocking every "folder move/deletion"
0
 
littlehogarthAuthor Commented:
Thanks mate, your hack of using !!!.txt works ok. Trust Microsoft to create file types that need delete capability just to edit. Fits nicely with their NTFS file permissions.

The issue remains that if a user accidently drags a folder (1) and drops it on to another folder (2) then a new folder (copy of 1) is created in folder (2) even though the !!!.txt stops any files from transferring.
Therefore I get:
C:/folder 1/(files)
C:/folder 2/folder 1/(empty)        

Another issue is how to assign permissions to !!!.txt so the owner of the folder can still move the folder.  
0
 
BigSchmuhCommented:
Can you write an admin procedure to periodically scan the full drive seeking for :
-empty folders to be deleted (you don't care if this is not a copy because an empty folder is always a very frustrating folder)
-folders without their !!!.txt...assigning specific NTFS permissions (depending on folder owner) to it

Using WSH or VBA or any script based languages would perfectly worked and allow for a basic maintenance.
0
 
littlehogarthAuthor Commented:
Thanks BigSchmuh. Great suggestions. I'll flex my scripting muscle and see if I can get a positive result.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now