?
Solved

Inconsistent permissions on shared folders

Posted on 2009-04-07
3
Medium Priority
?
709 Views
Last Modified: 2013-12-04
I have a problem with the permissions on an NTFS formatted partition. The client has a shared data folder on Windows 2003 R2 and nested subfolders going down several levels.

The problem is that a particular user is able to move (I am aware that there is a difference between moving and copying; my question is only related to moving the file) a file to a folder higher up to which they should be restricted through NTFS permissions. They cannot reverse this action as, ironically, they do not have sufficent perms to edit or move the file as it is now inheriting perms from it's folder.

There are several global and domain local groups in use but I have established the individual's permissions using the 'effective permissions' tool in folder properties. They are, as follows:

Top-Level Folder: User's effective perms: List/Read, Read Perms, Change Perms

          Nested sub-folder 1: User's effective perms: Traverse/Execute, List/Read, Read Attribs, Read extended attribs, Read perms.

                    Nested sub-folder 2: User's effective perms: Full control

                              File1: User's perms: Full control (inherited)

The user is able to move File1 to Top-Level Folder but then cannot move it back. We are trying to restrict the user from being able to create, add or edit file content in any way on the top level whilst granting more liberal rights lower down.

Question:: Why can the user move the file when they only have list/read perms on the destination folder?

Any suggestions experts?
0
Comment
Question by:pedcom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 16

Expert Comment

by:speshalyst
ID: 24086482
0
 

Author Comment

by:pedcom
ID: 24087132
Thanks, I don't see how either of those links fix my problem.
0
 

Accepted Solution

by:
pedcom earned 0 total points
ID: 24279476
The problem was due to privileges gained through file/folder ownership.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question