Link to home
Start Free TrialLog in
Avatar of kallatech
kallatech

asked on

2003 SBS server has suddenly started right protecting set to read only files and folders

I have a medial transcription client whose 2003 SBS server has suddenly started setting files and folders to read  only.

Once read only is removed the data can be accessed.
I read that some anti-virus programs can cause this.
Avatar of kallatech
kallatech

ASKER

Posting image of most programs installed on the server.
I run malwarebytes manually no other anti-virus is installed.
programs.docx
Is ""Simple file sharing"" disabled on the server?
Yes,

I have the sharing and security tabs.
When I look at the folder that is shared for my m drive network drive.
it says read only.
Everyone has full control on the share permissions.
NTFS permission are
authenticated users modify

domain user read and execute

This server is also an ftp server that users connect to to upload transcription data and sound.

So, when a specific user saves, you end up with the READ attribute to the share. Are they mapped to the namespace, or to the server, that holds the namespace??
all the data is stored in a folder that is mapped as m
Is the root file folder set to pass down all attributes to all child objects? (meaning are all child objects set to inherit the root folder's permission set?)
Any ideas why this could be happening?
The client informed met that it doesn't affect all the customers or all their files.
It is a few here and there and I know that is the hardest thing to troubleshoot.
There is a term called a RODC (meaning Read Only DC). But, I think you have to manually configure the files and folders that are read only. It is a security feature and I beleive it is new to 2008 server R2...

My first guess is someon went to the root folder of your DFS shares and configured read only to be passed down to all child objects. Can someone go to that root folder of your DFS shares and see if there is inheretence to all child objects set. If so, you might consider breaking inheretence. That would effect all filesand folders in the share. Even an explicit permissions to NOT delete files and folders within the share. I believe this is an inherited permission.
I went to the root and removed read only and propogated to all files and folders.
When I checked the root it was still set as read only.
That's what I thought. Let us know how things progress. You did break inheretence from the root folder, (didn't you)?

Or do you want to keep inheretance and leave all users as the same ACL throughout the entire file tree?
I want to keep the same ACL.
So, if you set the rights to ownership on the root folder and pass to all children, does that work?
no when I did that I looked at the root and it was set to read only.

So, are these permissions sets inhereted from the drive permissions?

Maybe break inheretence passed ONTO the root, and then configure your ACL on the root of the shared folders and pass that down to all children.

Example:

C:\  <<break inheretance>> share folder name <<pass down to all child objects and folders>>subfolders and files of the shares.
So what your saying is to just customize the permissions per directory?
ASKER CERTIFIED SOLUTION
Avatar of ChiefIT
ChiefIT
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I will try that and let you know.