• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 307
  • Last Modified:

NTFS Permissions issue

I setup a new share and file/folder permissions. I setup ntfs permissions for 3 groups with read, read/write, and modify. When testing the read/write with saving a doc from excel. The file starts to save and then says that the file already exists and do I want to over write. There are no files already there and no matter what I name it, it says that it already exists. If I add it as an admin and then try to edit it with the read/write group that has those permissions, I cannot open or rename the file, it either says the file is corrupt or that the folder is read only. Everyone in the modify group can read/write/delete correctly. Any help or direction would be appreciated.
0
circa62
Asked:
circa62
  • 10
  • 4
  • 3
  • +1
1 Solution
 
Timothy McCartneySYS ADMINISTR I INFRASCommented:
Do the share permissions reflect the ntfs permissions that you set up? I would make sure they're mirrored and see if the issue persists.
0
 
circa62Author Commented:
The share permissions are everyone > full. I was going to set it to everyone > read, and authenicated users to change or full but didn't get that far and ran into these issues.
0
 
Timothy McCartneySYS ADMINISTR I INFRASCommented:
Are they set to all folders, subfolders, and files? Or are they possibly set up for JUST that folder?
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
circa62Author Commented:
For this particular share I have the Admin group, the 3 groups mentioned above and the system group by default as the only groups with permissions. Inheritance at the main folder is off because I don't want the permissions from above to apply here. I assume that is correct. Then I did check and apply permissions to all child objects and entities from that point so that all subfolders, files, etc. would get the permissions from this shared folder. I also double checked a few different subfolders and files and they are inheriting from above and look like the permissions I stated earlier.
0
 
Timothy McCartneySYS ADMINISTR I INFRASCommented:
I came across a couple different sites with extensive tutorials on setting up and troubleshooting permissions issues. Hopefully they help your situation.

http://www.informit.com/articles/article.aspx?p=1352790

http://www.techrepublic.com/article/step-by-step-how-to-set-and-troubleshoot-ntfs-permissions-in-windows-xp/1055994
0
 
circa62Author Commented:
Further test with a read/write test account, I can copy a txt file from my desktop to the share location. I can also open that file and edit it, then save. I cannot create a file in notepad and save directly to that location without getting a 'file already exists' error.
0
 
JohnGrunwellCommented:
Have you tried to put the same people/groups in both permission sections on the folder? one under sharing then permissions button and then security tab
0
 
circa62Author Commented:
I tried putting the groups in the sharing section and gave them all full control. I was able to save a new document from notepad directly to the share now but still get prompted to overwrite because the file already exists when it doesn't. But then if I choose to overwrite it does save correctly. Getting closer...
0
 
JohnGrunwellCommented:
Is it a mapped drive or just going to the location?
0
 
JohnGrunwellCommented:
If it is a mapped drive try to disconnect and reconnect it, is it happening on multiple computers or only multiple accounts on the same computer?
0
 
circa62Author Commented:
It is a mapped drive and it's happening to multiple accounts on different pc's within the same ntfs group. I even tried to create a new group, assigned ntfs read/execute, list, read, and write then assigned a user to the new group and made sure the new group is specifically allowed full control for the share. Same result.
0
 
jrhelgesonCommented:
This sounds to me like a corruption issue I just dealt with.
I'd recommend first running a chkdsk on that volume - that will go through and verify all security descriptors on the volume.

The solution I had with my customer, just this week, was Active Directory Corruption within the user profile of 5 employees.  All 5 were having similar problems accessing files, saving files... The machines thought they were disconnected from the domain and would try saving files in offline mode - to be synched up later.

I opened the user account up in ADSIEDIT.msc and looked at the properties of the user account, and there it was, I found the corruption by comparing lines between a user that didn't have problems and one that did.  It was the same in each profile, invalid data in variables that should have no data. I cleared the lines and was back in business.  I could provide more detail if it is of any interest.
0
 
circa62Author Commented:
Any additional information would be great. Would the corruption be with the user or the security group though? If I move a user to the modify group, they don't have any issues?
0
 
jrhelgesonCommented:
So if you create a new security group, then add a user to that group, and apply that new group to the folder access, it works?
I would say you have a corrupt security group.

Joel
0
 
circa62Author Commented:
No, sort of. I created 3 groups as stated above, a modify group, read/write group, and read. If the user is in the modify group everything works fine. It's the read/write group where they cannot create or edit, change, save, etc. That's were I get the file saving issues mentioned above. That's were I get the issues when moving between groups, so I created a new read/write group but get the same results with that new group. I know it sounds like I have it configured wrong but I don't see it.
0
 
jrhelgesonCommented:
Can members of the read/write group create new files in the directory?
0
 
circa62Author Commented:
They can drag files to that location but when trying to save or save as in notepad for example to that share or location is when they get the 'file already exists' issue mentioned above. They also cannot rename files or edit and save a file that already exists there.
0
 
jrhelgesonCommented:
That sounds right.  Read / Write enables you to write a file, but you cannot then modify it.  It is like a CDRom that once the file is written, it cannot be changed.

We have those permissions set on customer folders where everything gets taken from a laptop, and dumped into the folder for archiving.  If you want to update a document, you need to save it to a new file name, then move it back to the customer share.

Modify enables you to modify files that have been written to the directory.
0
 
circa62Author Commented:
So why do I get 'file already exists' errors when trying to save as mentioned above?
 
Also, if read/write does not allow me to edit (which I thought was the purpose of write), then how do I allow edit and rename with giving delete permissions (which I thought was the purpose of modify)? Thanks again for the info.
0
 
circa62Author Commented:
Sorry, the above post should say how do I allow edit and rename without giving delete permissions?
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 10
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now