?
Solved

How can I take away write permssion in ntfs but allow delete permssion

Posted on 2013-05-29
10
Medium Priority
?
307 Views
Last Modified: 2013-06-04
Hi,

I have tried to set the special permission delete. - I have set to allow delete files and folders.
The share permission is read and traverse. The problem I am having is I have taken away write permission to a folder to enforce use of document management system. When they move their files into doc management system they cant delete from the file server as they no longer have write permission. We now have both source and destination file (duplicate copies.

Where can i allow delete and not write please.
0
Comment
Question by:philb19
  • 5
  • 4
10 Comments
 
LVL 9

Accepted Solution

by:
EMJSR earned 1500 total points
ID: 39206664
The Advanced folder/file permissions is where you do that. You can either set "Allow" or "Deny" to a specific attribute.

Please see below for a detailed explanation:

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Windows-NTFS-Permissions.html

I hope his helps you further.
0
 
LVL 1

Author Comment

by:philb19
ID: 39206667
Thanks EMJSR - however I have set it in advanced - It does not work
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206681
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 1

Author Comment

by:philb19
ID: 39206695
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.

:( - Yes all of above
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206755
What about the sharing permissions? Are those folders shared directly? Maybe it would be worth to look at those, too. Shouldn't matter, but...
0
 
LVL 1

Author Comment

by:philb19
ID: 39206759
sharing permissions are limited - only read write or full controll. But yeah im thinking i have to give write share permssion. - However as the folder tree is deep with terrabytes of data and permissions where i want to  "take away" write permsiion - i want to avoid giving write/share permission
0
 
LVL 1

Author Comment

by:philb19
ID: 39206760
taking away write/share - is how i removed write in the first place
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206772
Hm. This is curious. Maybe try too make a new security group in AD and see if permissions will work better with that once you have added users, or, try and add a single user and see if that works better.
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39207256
0
 
LVL 1

Author Closing Comment

by:philb19
ID: 39220972
i have not resolved - i think minimum of write/share permission is needed
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There's never been a better time to become a computer scientist. Employment growth in the field is expected to reach 22% overall by 2020, and if you want to get in on the action, it’s a good idea to think about at least minoring in computer science …
Feeling responsible for an unfortunate ransomware infection on my parent's network, persistence paid off as I was able to decrypt a strain of ransomware that was not previously (or at least publicly) cracked. I hope this helps others out there affec…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question