Solved

How can I take away write permssion in ntfs but allow delete permssion

Posted on 2013-05-29
10
293 Views
Last Modified: 2013-06-04
Hi,

I have tried to set the special permission delete. - I have set to allow delete files and folders.
The share permission is read and traverse. The problem I am having is I have taken away write permission to a folder to enforce use of document management system. When they move their files into doc management system they cant delete from the file server as they no longer have write permission. We now have both source and destination file (duplicate copies.

Where can i allow delete and not write please.
0
Comment
Question by:philb19
  • 5
  • 4
10 Comments
 
LVL 9

Accepted Solution

by:
EMJSR earned 500 total points
ID: 39206664
The Advanced folder/file permissions is where you do that. You can either set "Allow" or "Deny" to a specific attribute.

Please see below for a detailed explanation:

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Windows-NTFS-Permissions.html

I hope his helps you further.
0
 

Author Comment

by:philb19
ID: 39206667
Thanks EMJSR - however I have set it in advanced - It does not work
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206681
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.
0
 

Author Comment

by:philb19
ID: 39206695
Have the users logged off and on again in between?  Permissions usually only grip after the user has reauthenticated with the server. Have you turned off inherited permissions? Have you set the permissions for the right users (e.g. Domain Users)? Might be stupid questions, but just to confirm.

:( - Yes all of above
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206755
What about the sharing permissions? Are those folders shared directly? Maybe it would be worth to look at those, too. Shouldn't matter, but...
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:philb19
ID: 39206759
sharing permissions are limited - only read write or full controll. But yeah im thinking i have to give write share permssion. - However as the folder tree is deep with terrabytes of data and permissions where i want to  "take away" write permsiion - i want to avoid giving write/share permission
0
 

Author Comment

by:philb19
ID: 39206760
taking away write/share - is how i removed write in the first place
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 39206772
Hm. This is curious. Maybe try too make a new security group in AD and see if permissions will work better with that once you have added users, or, try and add a single user and see if that works better.
0
 
LVL 9

Expert Comment

by:VirastaR
ID: 39207256
0
 

Author Closing Comment

by:philb19
ID: 39220972
i have not resolved - i think minimum of write/share permission is needed
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
local administrator password solution 26 74
Security training 4 56
Hyper V cluster 2 31
Add Local Admin to all Workstations but Block Server Access 5 45
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now