Which ACL priviledges to allow add & rename files & folders, but not overwrite or delete.

Posted on 2011-04-18
Last Modified: 2012-05-11
I'm stuck.  How can I configure Windows permissions to allow and deny the following actions?  I would prefer to not use the "Deny" flags unless I have to.

Create folder (or subfolder)
Rename folder (or subfolder)
Delete empty folder (nice to have, but optional)
Create file (in a folder or subfolder)
Rename files(in a folder or subfolder)
Read file
Copy file (to another location)
Overwrite file.
Delete file
Change file content.
Append to file.

An owner has no additional rights to a file she creates.  (I assume removing CREATOR OWNER from the folder root will accomplish this part).
Question by:LarryHennig
    LVL 13

    Accepted Solution

    You can't achieve all the goals with NTFS permissions. For all the requirements except blocking overwrite and change content, this should work:

    -Full Control
    +Traverse Folder/Execute File
    +List Folder/Read Data
    +Read Attributes
    +Read Extended Attributes
    +Create Files/Write Data
    -Create Folders/Append Data
    +Write Attributes
    +Write Extended Attributes
    +Read Permissions
    -Change Permissions
    -Take Ownership

    Author Comment

    Thanks.  I'll give it a try!

    Author Comment

    I have THREE times accepted ChrashDummy's answer as the solution, but it is not taking effect.

    Author Comment

    CrashDummy's answer worked for me.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
    Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now