Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

Advance files and folders Windows 2008 permission question.

We have a big volume on a WIN2K8 server and we need to grand a group right to see permission ONLY but not allowing it to open any files inside of any subfolder.  We plan to grant "Traverse Folder/Execute Files" and "List Folder/Read Data".  Please let us know if this is not correct.

We have also realized there are a lot of folder in this big volume which "Include inheritable permission from this object's parent" is unchecked.  If this is the case, granting the right in the above will not flow into these folders, right?  If yes, is there any work around?

Please advise.

Thanks.
0
nav2567
Asked:
nav2567
1 Solution
 
Suliman Abu KharroubIT Consultant Commented:
You need to grant "read permission" on that volume.


And to force apply them on the child folder, check teh check box "replace permission on the child folder ...." on advanced tab.
0
 
HaslerctCommented:
Your need to have special permission "read permission" on the volume or top folder.


If you select the Replace permission entries on all child objects with entries shown here that apply to child objects check box, then all subfolders and files will have all of their permission entries reset to those inheritable from the parent object. Once you click Apply or OK, you cannot undo this operation by clearing the check box.

I would prefer to configure/add the require permission using tool such as subinacl or xcacls. Handy tools for you in this case.  Some sample on how to use:
http://support.microsoft.com/kb/265360

Not able to give exact command as I don't have access to my laptop now. Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now