?
Solved

Advance files and folders Windows 2008 permission question.

Posted on 2013-01-18
2
Medium Priority
?
339 Views
Last Modified: 2013-02-11
We have a big volume on a WIN2K8 server and we need to grand a group right to see permission ONLY but not allowing it to open any files inside of any subfolder.  We plan to grant "Traverse Folder/Execute Files" and "List Folder/Read Data".  Please let us know if this is not correct.

We have also realized there are a lot of folder in this big volume which "Include inheritable permission from this object's parent" is unchecked.  If this is the case, granting the right in the above will not flow into these folders, right?  If yes, is there any work around?

Please advise.

Thanks.
0
Comment
Question by:nav2567
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 38795181
You need to grant "read permission" on that volume.


And to force apply them on the child folder, check teh check box "replace permission on the child folder ...." on advanced tab.
0
 
LVL 4

Accepted Solution

by:
Haslerct earned 1500 total points
ID: 38795633
Your need to have special permission "read permission" on the volume or top folder.


If you select the Replace permission entries on all child objects with entries shown here that apply to child objects check box, then all subfolders and files will have all of their permission entries reset to those inheritable from the parent object. Once you click Apply or OK, you cannot undo this operation by clearing the check box.

I would prefer to configure/add the require permission using tool such as subinacl or xcacls. Handy tools for you in this case.  Some sample on how to use:
http://support.microsoft.com/kb/265360

Not able to give exact command as I don't have access to my laptop now. Cheers
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question