Solved

Folder / Subfolder Permissions Issues

Posted on 2013-01-04
6
267 Views
Last Modified: 2013-01-28
Hello,

I'm having issues setting permissions for one of my clients. They have a large folder with over 2000 client subfolders.

They want everyone to see the folders, only specific users to create new folders, but all subfolders should be able to be edited.

For example:

M:/Clients/TestClient/2007/
M:/Clients/TestClient/2008/
M:/Clients/TestClient/2009/

Our users should not be able to create a folder directly under the "clients" folder but SHOULD be able create the next 2010 subfolder. A seperate group of users should be able to create additional client folders. Is this possible?
0
Comment
Question by:qualityip
  • 3
  • 2
6 Comments
 
LVL 17

Expert Comment

by:Kent Dyer
Comment Utility
is each client or rather each client's login a number like the 2007 shown above?

Then, if that is the case, you will need to use a combination of DIR, FOR..IN..DO with XCALC to apply the perms you need..

Something like..

http://www.robvanderwoude.com/forshare.php

I think this what you are looking for..

Two things to keep in mind..
%%A the A is case-sensitive
%% is necessary in Batch Script..  From a command-line, you will want to use: %..


HTH,

Kent
0
 

Author Comment

by:qualityip
Comment Utility
No,  the "TestClient" folder would be our customer. All of our users need to see this folder. The problem is that our users keep creating bad customer folders.

We want our users to be able to see and edit the data and create folders within the subfolders but not create new customer folders on the top level.
0
 
LVL 17

Accepted Solution

by:
Kent Dyer earned 500 total points
Comment Utility
Look at the use of CACLS then..

http://ss64.com/nt/cacls.html

Read carefully the Examples and there are examples for Read-only, Write, etc.

HTH,

Kent
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:qualityip
Comment Utility
I figured it out! First I applied the permissions to all child objects then removed inheritance and changed the first level.
0
 

Author Comment

by:qualityip
Comment Utility
Okay, maybe not. The folder permissions are correct but all of the documents and data there is read-only.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
Comment Utility
If you follow this video it will be exactly as you want

icacls clients output
clients
        WIN7VMWARE1\Standard User:(OI)(CI)(RX)
        BUILTIN\Administrators:(OI)(CI)(F)
        NT AUTHORITY\SYSTEM:(OI)(CI)(F)
Successfully processed 1 files; Failed processing 0 files
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now