Solved

NTFS stop folders being moved

Posted on 2010-04-22
10
1,375 Views
Last Modified: 2013-12-02
We have a list of folders on a network share. e.g.

J:\Standard Jobs\S001
J:\Standard Jobs\S002
J:\Standard Jobs\S003
J:\Standard Jobs\S004

I want users to be able to view everything, but should only be able to edit files WITHIN the S00* file.

The S00* folders are created programatically in c#, so I can apply permissions to each folder when they are created.

So far, i've set advanced permissions for them to allow editing/deleting of files within the job folder..  Applied to "Subfolders and Files Only".  This works ok for most things, but when a user accidentally drags one job folder into another, it will move the folder and contents to the other destination, and keep the empty folder that was dragged after displaying the error msg.

So if i accidentally drag S001 into S002, we end up with.

J:\Standard Jobs\S001 <-- empty
J:\Standard Jobs\S002
J:\Standard Jobs\S002\S001.

Anyone faced this challenge before?
0
Comment
Question by:Sc0tte
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +1
10 Comments
 
LVL 17

Expert Comment

by:Tiras25
ID: 31811513
OK so moving simply means copying from one folder to another and deleting on the source folder.  So you would need to deny the NTFS special permission "delete folder" to the users on the source folder security tab.

Then you will have to deny the NTFS special permission "create folder" to all the target folders.  You need to make sure you assume all targets.

Make sense?
0
 

Author Comment

by:Sc0tte
ID: 31813225
They don't have delete permission for the S00* folders...  thats why when they move them, the contents move,  but an empty folder remains.

I can't really deny "create folder" because user will need to add/remove files/folders int the S00* directory.

0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 31823228
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 
LVL 7

Expert Comment

by:hutnor
ID: 31832027
Your S001 folder takes permissions from standard jobs folder. I assume they can not delete the S001 because they do not have any delete permission for fodlers & files directly in the standard jobs folder.

If you were to give them access to delete folders under standard jobs then when they move s001 they can delete the folder.
0
 
LVL 7

Expert Comment

by:hutnor
ID: 31832170
Is that what you want to do? get ride of the S001 after it has been moved? or stop them from dragging s001 into s002
0
 

Author Comment

by:Sc0tte
ID: 31832415
Really just want to stop users from dragging S001 into S002
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 31833375
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 31833549
0
 

Author Comment

by:Sc0tte
ID: 32316096
Thanks dstewartjr,  I'll look into that app.

For the time being, i've knocked up a little program that runs during logon (once) for out company...  it increases the number pixels a user must move the item under their mouse before windows triggers that the drag/drop operation is happening.

It works well..  but can be a little weird and annoying sometimes, because it affects *all* drag and drop operations within windows.

C# code attached.

using System;
using System.Collections.Generic;
using System.Text;
using System.Runtime.InteropServices;

namespace DragonDropStop
{
    class Program
    {

        static int SPI_SETDRAGWIDTH = 76;
        static int SPI_SETDRAGHEIGHT = 77;
        static int DISTANCE = 50;

        // ----------------------------------------------------------------------------------------
        // Author:                        ScottE
        // Date:                          27/04/2010 11:25
        // Purpose:                       
        // ----------------------------------------------------------------------------------------
        static void Main(string[] args)
        {
            try
            {
                if (args.Length > 0)
                {
                    try
                    {
                        DISTANCE = int.Parse(args[0]);
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine("Parameter should be an integer number");
                    }
                }
                SystemParametersInfo(SPI_SETDRAGWIDTH, DISTANCE, "", 0);
                SystemParametersInfo(SPI_SETDRAGHEIGHT, DISTANCE, "", 0);
            }
            catch (Exception ex)
            {
                Console.Write(ex.ToString());
                Console.Read();
            }
        }

        [DllImport("user32.dll", CharSet = CharSet.Auto)]
        static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);

    }
}

Open in new window

0

Featured Post

Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question