Solved

Creating permanent top level folders in a windows file sharing evironment

Posted on 2009-05-19
1
229 Views
Last Modified: 2013-12-04
Anyone have an idea for how to lock in a top level heirarchy in windows server 2003 (running active directory)? I have a share-point set up with several top level folders that have various sets of permissions. Recently I've had a request to lock down the top level heirarchy so that no one can move, rename, or delete top level folders (or add new ones). So even if "Bob" from the "Accounting" department has full write access to the items within the top level Accounting folder, he can not move, delete, or rename the folder itself.

I've experimented a little with the special permissions but haven't yet found a working scheme and easy way of implementing. Seems like it might require clever uses of the parent-child propagation option and advanced permissions management...
0
Comment
Question by:steiner470
1 Comment
 
LVL 19

Accepted Solution

by:
CoccoBill earned 250 total points
ID: 24430966
You need to set up a hierarchy something like this using the advanced ACL editor:

- Root level: traverse, list and read for domain users (so that new folders cannot be created)
- Target level aka the read-only folders: traverse, list and read for domain users, apply to this folder only
- Subdirectories: uncheck include inherited permissions, manually set permissions as needed
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question