Link to home
Start Free TrialLog in
Avatar of qualityip
qualityip

asked on

Folder / Subfolder Permissions Issues

Hello,

I'm having issues setting permissions for one of my clients. They have a large folder with over 2000 client subfolders.

They want everyone to see the folders, only specific users to create new folders, but all subfolders should be able to be edited.

For example:

M:/Clients/TestClient/2007/
M:/Clients/TestClient/2008/
M:/Clients/TestClient/2009/

Our users should not be able to create a folder directly under the "clients" folder but SHOULD be able create the next 2010 subfolder. A seperate group of users should be able to create additional client folders. Is this possible?
Avatar of Kent Dyer
Kent Dyer
Flag of United States of America image

is each client or rather each client's login a number like the 2007 shown above?

Then, if that is the case, you will need to use a combination of DIR, FOR..IN..DO with XCALC to apply the perms you need..

Something like..

http://www.robvanderwoude.com/forshare.php

I think this what you are looking for..

Two things to keep in mind..
%%A the A is case-sensitive
%% is necessary in Batch Script..  From a command-line, you will want to use: %..


HTH,

Kent
Avatar of qualityip
qualityip

ASKER

No,  the "TestClient" folder would be our customer. All of our users need to see this folder. The problem is that our users keep creating bad customer folders.

We want our users to be able to see and edit the data and create folders within the subfolders but not create new customer folders on the top level.
ASKER CERTIFIED SOLUTION
Avatar of Kent Dyer
Kent Dyer
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I figured it out! First I applied the permissions to all child objects then removed inheritance and changed the first level.
Okay, maybe not. The folder permissions are correct but all of the documents and data there is read-only.
If you follow this video it will be exactly as you want

icacls clients output
clients
        WIN7VMWARE1\Standard User:(OI)(CI)(RX)
        BUILTIN\Administrators:(OI)(CI)(F)
        NT AUTHORITY\SYSTEM:(OI)(CI)(F)
Successfully processed 1 files; Failed processing 0 files