Solved

Advance files and folders Windows 2008 permission question.

Posted on 2013-01-18
2
332 Views
Last Modified: 2013-02-11
We have a big volume on a WIN2K8 server and we need to grand a group right to see permission ONLY but not allowing it to open any files inside of any subfolder.  We plan to grant "Traverse Folder/Execute Files" and "List Folder/Read Data".  Please let us know if this is not correct.

We have also realized there are a lot of folder in this big volume which "Include inheritable permission from this object's parent" is unchecked.  If this is the case, granting the right in the above will not flow into these folders, right?  If yes, is there any work around?

Please advise.

Thanks.
0
Comment
Question by:nav2567
2 Comments
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
Comment Utility
You need to grant "read permission" on that volume.


And to force apply them on the child folder, check teh check box "replace permission on the child folder ...." on advanced tab.
0
 
LVL 4

Accepted Solution

by:
Haslerct earned 500 total points
Comment Utility
Your need to have special permission "read permission" on the volume or top folder.


If you select the Replace permission entries on all child objects with entries shown here that apply to child objects check box, then all subfolders and files will have all of their permission entries reset to those inheritable from the parent object. Once you click Apply or OK, you cannot undo this operation by clearing the check box.

I would prefer to configure/add the require permission using tool such as subinacl or xcacls. Handy tools for you in this case.  Some sample on how to use:
http://support.microsoft.com/kb/265360

Not able to give exact command as I don't have access to my laptop now. Cheers
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now