• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 593
  • Last Modified:

Server 2008 Folder Permission as READ ONLY

One of my client is now having a unique requirement, where they need to have READ ONLY permission from the folder shared on the server. Like if a user is trying to modify an existing file, it should not save but ask the user to SAVE AS and user will rename the file as per latest date and time and keep the records of all the modifications made. I tried giving the folder as READ ONLY for Domain Users and created a new file but i am still able to save in the same file but not getting any prompt to SAVE AS. One more thing they need is to prevent COPY of files to their local disk , is there any possibilities.
0
ibrahim52
Asked:
ibrahim52
  • 6
  • 5
  • 2
1 Solution
 
Svet PaperovIT ManagerCommented:
Let me see if I understand well: you have a shared folder with files and you want users to be able to create new files there but not to modify the existing files. Basically, it can be done but it requires specific folder and file permissions; and the file permissions will need to be manually changed every time when a new file is created – so, it is not practical.

What you need is a version control system. This can be done by Sharepoint (http://sharepoint.microsoft.com ) for example and there is a free version of it http://sharepoint.microsoft.com/en-us/product/Related-Technologies/Pages/SharePoint-Foundation.aspx with some restrictions in the functionality.  

Your second question: not allowing copy to the local disks is much more difficult to achieve and it requires several technologies as DRM, or Remote Services, or third-party security system.
0
 
KCTSCommented:
The only way of achiveing what you require is to impliment Information Rights Management http://technet.microsoft.com/en-us/library/cc178985.aspx

Without this anyone with the ability to read a file can make a local copy
0
 
ibrahim52Author Commented:
@ spaperov : So you mean to say i have to change the settings for individual file they create to READ ONLY and than again if they are creating a new file they have to change the permissions again ?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Svet PaperovIT ManagerCommented:
What I mean is that the request of your client is not practically feasible. Playing with the special permissions of the folder and the files you could realize your goal but you will be stuck with changing the permissions of every new file.  

There are another ways of achieving what you are looking for, and one of them is Sharepoint, as I mentioned in my first response. Sharepoint also could help you also with the second part – implementing IRM (I miss-spell it as DRM in my first post, but @KCTS provided you with a link to explore).
0
 
ibrahim52Author Commented:
They don't have to understand such ADVANCED feature of sharepoint, they only know WORD and EXCEL and their accounting application. Even i was surprised when i heard because i never did it before and was just wondering if there is any solution or a script file where it could change the permission to READ ONLY on every new file created or saved.
0
 
KCTSCommented:
The simple answer is that without IRM you simply cannot do what you want to do
0
 
Svet PaperovIT ManagerCommented:
No, can’t help with a script.

But you could try another approach – administrative: your client could have 2 shares instead of one: the Primary, where all documents are saved, with normal READ-ONLY permissions on the share and a secondary, let name it IN share with WRITE permissions where the users would deposit the new files with Save-As action from Word or Excel. Then a supervisor (the boss) with WRITE permissions on the Primary folder could move the files from In to Primary and rename them if necessary. Sometime, you can achieve the same with a simple procedure.

However, this will not provide you with a solution of the second problem – copying the files on the local drives.  
0
 
ibrahim52Author Commented:
But is there any other THIRD PARTY solution i can use because i have been strictly asked for this requirement where user can't delete or modify the existing file and do the SAVE AS ,even if there is no SAVE AS feature they want to prevent DELETION of files
0
 
Svet PaperovIT ManagerCommented:
Sharepoint or a similar product
0
 
ibrahim52Author Commented:
and they are looking for something FREE as they have done a FAVOR to MICROSOFT by buying a SERVER 2008 license which was a BIG INVESTMENT already
0
 
Svet PaperovIT ManagerCommented:
Sharepoint Fondation is FREE http://sharepoint.microsoft.com/en-us/product/Related-Technologies/Pages/SharePoint-Foundation.aspx.

However, Sharepoint provides the framework and it still needs to be implemented. So, there will be job for you as consultatant.
0
 
ibrahim52Author Commented:
I am really not getting whether to close this question or keep it active as i can't educate each and every user for SHAREPOINT, is there any other easiest way or any other third party applications which can accomplish this ?
0
 
ibrahim52Author Commented:
Though it is not a proper solution but i manage to have a workaround for my problem by creating individual shared folder name
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 6
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now