Solved

How do you grant rights to a file

Posted on 2012-12-27
7
269 Views
Last Modified: 2012-12-29
I need to grant a user rights to an Excel file.  The problem is the file is in a "private" folder, and the user doesn't have access to the folder.

I have gone to the file level and granted him all rights except for Full Control and Special permissions.  I then created a shortcut that points directly to this file and moved it to the user's desktop.  The user clicks on the shortcut and is able to open, read and modify the file.  The problem is, when the user tries to save the file he gets the following message:  "Access Denied.  Contact you administrator."

Obviously, I am missing something.  The owner of the file doesn't want to move the file because of the sensitivity of the information inside those files.  And I was also told that he would like to be able to do this with a couple more users (except they would have access to a different file).

Does anyone have a suggestion?  These files are on the network (Windows Server 2003 R2).
0
Comment
Question by:Harper-IT
7 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
Comment Utility
create a group in Active Directory place all the users in that group.
Give  that group the rights needed for accessing the folder.

Need to share the folder

The folder can be shared an no one but the group can have access to this folder.

NTFS and Share permissions need to be set.
0
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
Its going to get very messy if you don't do it properly - the 'proper' way would be to create a new folder for each user (or group of users), assign the NTFS and share permissions on that folder and then put the file(s) in the appropriate folder(s)
0
 
LVL 53

Expert Comment

by:McKnife
Comment Utility
Hi.

If you don't want to move that file to a separate folder, you will need to grant access rights to the folder, too - that should be obvious. Simply share that folder and grant read access to that folder on both NTFS and share permissions and don't let the files inherit these permissions - that way, he will only be able to browse that folder but not read the other files' contents.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 4

Expert Comment

by:palicos
Comment Utility
You will need to give full control to "Everyone" group on the machine. Found this post on MSDN which talks about it.

http://social.msdn.microsoft.com/Forums/en-SG/windowssdk/thread/de213b61-dc7e-4f33-acdb-893aa96837fa

Moreover refer this link also

http://technet.microsoft.com/en-us/library/bb727008.aspx

Hope this works for you.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
Comment Utility
If you give full control to 'Everyone' then you've just blown all your security away.

If you want to share files - then do it properly - create folders - put the files in the folders and set the NTFS and share permissions accordingly - by all means set the share permissions on the share to 'Everyone' and use NTFS permissions to tie down the security - but don't share your own private documents.
0
 
LVL 1

Author Closing Comment

by:Harper-IT
Comment Utility
I want to thank you all for the feedback.  Before all of this, I tried explaining to my boss the headache involved by not moving a file, keeping it in a private (secure) folder and granting rights so that only a particular user can get to it.  It wasn't until he was made aware of all or your comments, that a light went on.

I have been given permission to move the file(s) to a "public" sub folder in his "private" folder.  Thanks again for all the feedback!
0
 
LVL 4

Expert Comment

by:palicos
Comment Utility
No issues what we can help so we tried our level best...
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

This is my first article in EE and english is not my mother tongue so any comments you have or any corrections you would like to make, please feel free to speak up :) For those of you working with AD, you already are very familiar with the classi…
Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now