Solved

Prevent Mac users from deleting sub-folders on a Windows Share

Posted on 2013-05-14
5
345 Views
Last Modified: 2013-05-29
Hello,
We have recently implemented security on a Windows server that dis-allows users to add, remove or change any files from the top level of the share, but they are able to add, remove or change the contents of sub-folders.

My issue is Mac users are denied access to remove the top-level folders but if they try to delete the top-level folder they are not denied access to the sub-folders. The delete traverses the sub-folders and deletes anything below that top-level if they have access to do so.

Is there a setting in Windows or Mac OS that will dis-allow the recursive sub-folder delete?

I  do not have this issue with a Windows PC, if the user tries to delete the top-level folder on a PC, they get a message that they are not allowed to do so, and it does not affect the sub-folders at all.
0
Comment
Question by:kalajj
  • 2
  • 2
5 Comments
 
LVL 28

Expert Comment

by:jhyiesla
ID: 39169187
I can't think of anything specific to the Mac that would allow this, It's most likely something on the server with permissions.

Are the Mac users logging onto the Macs with AD credentials?  If so, then AD is AD is AD and it should just work like it does for a Windows user. If they are logging on locally, which they can do, do you have security on the share set to not allow EVERYONE in; you could limit the lowest access to domain users; this would force people to use AD creds. Do you have the permissions in the top level folder set to flow down to the sub-folders?
0
 
LVL 32

Assisted Solution

by:nappy_d
nappy_d earned 250 total points
ID: 39170867
Can you please post a screenshot of what your Share permissions and your NTFS permissions look like?
0
 

Author Comment

by:kalajj
ID: 39192238
All,
The permissions are working correctly, from a Windows PC we are able to do exactly what I require. The top level should not be able to be changed, added to or deleted from. Under those folders they have rights to add, change and remove items.

This works totally fine on a PC, a Mac on the other hand (in Gui mode) has the recursive option turned on so it will address any data below the top-level.

Yes they are AD accounts, but the machine is not logging into the domain, the Mac users are just mapping a Windows share using their AD credentials. If there is no way to prevent this behavior, that's fine I just wanted to ask a larger community.
0
 
LVL 28

Accepted Solution

by:
jhyiesla earned 250 total points
ID: 39193997
By "GUI Mode" I assume you mean you are looking at the remote share in Finder???

Not sure that I know what the "recursive option" is. It's not that I know everything there is to know about OS X, but I've never heard of that before.  Where are you seeing that?
0
 

Author Closing Comment

by:kalajj
ID: 39205522
I think that both of you answered to the best of your knowledge, thanks for trying.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Firefox freezing mac 10 85
can't connect to wireless with ipad 12 52
How to install USMT 11 55
exchange support of mac 2 49
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Apple's Mac OS X has become an official member of the malware club. The Flashback Trojan has affected over half million Macs, worldwide. It is behavior that ultimately gets malware onto a person’s computer. Obsolete or out-of-date software helps…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now