Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How can I take away write permssion in ntfs but allow delete permssion

Posted on 2013-05-29
10
Medium Priority
?
302 Views
Last Modified: 2013-06-04
Hi,

I have tried to set the special permission delete. - I have set to allow delete files and folders.
The share permission is read and traverse. The problem I am having is I have taken away write permission to a folder to enforce use of document management system. When they move their files into doc management system they cant delete from the file server as they no longer have write permission. We now have both source and destination file (duplicate copies.

Where can i allow delete and not write please.
0
Comment
Question by:philb19
  • 5
  • 4
10 Comments
 
LVL 9

Accepted Solution

by:
EMJSR earned 1500 total points
ID: 39206664
The Advanced folder/file permissions is where you do that. You can either set "Allow" or "Deny" to a specific attribute.

Please see below for a detailed explanation:

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Windows-NTFS-Permissions.html

I hope his helps you further.
0
 
LVL 1

Author Comment

by:philb19
ID: 39206667
Thanks EMJSR - however I have set it in advanced - It does not work
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206681
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 1

Author Comment

by:philb19
ID: 39206695
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.

:( - Yes all of above
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206755
What about the sharing permissions? Are those folders shared directly? Maybe it would be worth to look at those, too. Shouldn't matter, but...
0
 
LVL 1

Author Comment

by:philb19
ID: 39206759
sharing permissions are limited - only read write or full controll. But yeah im thinking i have to give write share permssion. - However as the folder tree is deep with terrabytes of data and permissions where i want to  "take away" write permsiion - i want to avoid giving write/share permission
0
 
LVL 1

Author Comment

by:philb19
ID: 39206760
taking away write/share - is how i removed write in the first place
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206772
Hm. This is curious. Maybe try too make a new security group in AD and see if permissions will work better with that once you have added users, or, try and add a single user and see if that works better.
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39207256
0
 
LVL 1

Author Closing Comment

by:philb19
ID: 39220972
i have not resolved - i think minimum of write/share permission is needed
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question