Solved

File/folder -windows security -Server 2003 /2008  -  over the Network

Posted on 2013-06-05
5
397 Views
Last Modified: 2013-06-21
My file server need to have some access to users with below combination

write to folder no delete
change to folder  no delete

I have set some setting on the local security modify /write with special permission to remove delete ? is that the right way
0
Comment
Question by:cur
5 Comments
 
LVL 7

Assisted Solution

by:susguperf
susguperf earned 56 total points
ID: 39224616
That is only write way or create a group, add the users in that group, create security filtering for that particular group and add users in it. Rather than playing with each single user and adding manually at the location.

You will understand in a better way. Here in this link everything is clearly mentioned. It will be easy manage and less hazardous.

Good Luck..!!
~SG~
0
 
LVL 2

Assisted Solution

by:oliverbob
oliverbob earned 57 total points
ID: 39225623
Hey have a look at this solution, I'm sure it relates to your query only..

There is a Delete and a separate Delete Subfolders & Files permission. I checked to allow the Delete permission, left the other unchecked and it works. (obviously)

They can delete files but there is still the restriction on the parent folders, (from what I just researched) They are still kept from creating folders, so that part is in place at least.

Thanks for the help!

*btw: I do have daily backups, there is a lot of activity in this folder & this was more about project mgrs having control of it vs. users arbitrarily creating & deleting and doing their own thing. ;-)
0
 

Author Comment

by:cur
ID: 39227996
bit more details . Any auditing can help me to trace the user activity  like delete/copy operation on the file server  . I hope we have more options in the 2008 and later ?
my one is 2003 advance server  .

I dont think we have any pug in for file serves to protect folder level password protection like Excel and word
0
 
LVL 9

Assisted Solution

by:VirastaR
VirastaR earned 60 total points
ID: 39228590
Hi,

Yes you can do that with the help of "Audit object access" audit event,however you need to enable this in GPO and also in the folder you want to audit.

Check the below articles for steps to perform on both sides

http://support.microsoft.com/kb/325898
&
http://technet.microsoft.com/en-us/library/cc776774(v=ws.10).aspx

Hope that helps :)
0
 
LVL 2

Accepted Solution

by:
titan123 earned 57 total points
ID: 39256368
Hey would you be interested to a third party tool for the same.

For files and folder monitoring

Thanks.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now