Solved

How can I take away write permssion in ntfs but allow delete permssion

Posted on 2013-05-29
10
300 Views
Last Modified: 2013-06-04
Hi,

I have tried to set the special permission delete. - I have set to allow delete files and folders.
The share permission is read and traverse. The problem I am having is I have taken away write permission to a folder to enforce use of document management system. When they move their files into doc management system they cant delete from the file server as they no longer have write permission. We now have both source and destination file (duplicate copies.

Where can i allow delete and not write please.
0
Comment
Question by:philb19
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 9

Accepted Solution

by:
EMJSR earned 500 total points
ID: 39206664
The Advanced folder/file permissions is where you do that. You can either set "Allow" or "Deny" to a specific attribute.

Please see below for a detailed explanation:

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Windows-NTFS-Permissions.html

I hope his helps you further.
0
 

Author Comment

by:philb19
ID: 39206667
Thanks EMJSR - however I have set it in advanced - It does not work
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206681
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.
0
SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

 

Author Comment

by:philb19
ID: 39206695
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.

:( - Yes all of above
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206755
What about the sharing permissions? Are those folders shared directly? Maybe it would be worth to look at those, too. Shouldn't matter, but...
0
 

Author Comment

by:philb19
ID: 39206759
sharing permissions are limited - only read write or full controll. But yeah im thinking i have to give write share permssion. - However as the folder tree is deep with terrabytes of data and permissions where i want to  "take away" write permsiion - i want to avoid giving write/share permission
0
 

Author Comment

by:philb19
ID: 39206760
taking away write/share - is how i removed write in the first place
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206772
Hm. This is curious. Maybe try too make a new security group in AD and see if permissions will work better with that once you have added users, or, try and add a single user and see if that works better.
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39207256
0
 

Author Closing Comment

by:philb19
ID: 39220972
i have not resolved - i think minimum of write/share permission is needed
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question