Solved

File/folder -windows security -Server 2003 /2008  -  over the Network

Posted on 2013-06-05
5
405 Views
Last Modified: 2013-06-21
My file server need to have some access to users with below combination

write to folder no delete
change to folder  no delete

I have set some setting on the local security modify /write with special permission to remove delete ? is that the right way
0
Comment
Question by:cur
5 Comments
 
LVL 7

Assisted Solution

by:susguperf
susguperf earned 56 total points
ID: 39224616
That is only write way or create a group, add the users in that group, create security filtering for that particular group and add users in it. Rather than playing with each single user and adding manually at the location.

You will understand in a better way. Here in this link everything is clearly mentioned. It will be easy manage and less hazardous.

Good Luck..!!
~SG~
0
 
LVL 2

Assisted Solution

by:oliverbob
oliverbob earned 57 total points
ID: 39225623
Hey have a look at this solution, I'm sure it relates to your query only..

There is a Delete and a separate Delete Subfolders & Files permission. I checked to allow the Delete permission, left the other unchecked and it works. (obviously)

They can delete files but there is still the restriction on the parent folders, (from what I just researched) They are still kept from creating folders, so that part is in place at least.

Thanks for the help!

*btw: I do have daily backups, there is a lot of activity in this folder & this was more about project mgrs having control of it vs. users arbitrarily creating & deleting and doing their own thing. ;-)
0
 

Author Comment

by:cur
ID: 39227996
bit more details . Any auditing can help me to trace the user activity  like delete/copy operation on the file server  . I hope we have more options in the 2008 and later ?
my one is 2003 advance server  .

I dont think we have any pug in for file serves to protect folder level password protection like Excel and word
0
 
LVL 9

Assisted Solution

by:VirastaR
VirastaR earned 60 total points
ID: 39228590
Hi,

Yes you can do that with the help of "Audit object access" audit event,however you need to enable this in GPO and also in the folder you want to audit.

Check the below articles for steps to perform on both sides

http://support.microsoft.com/kb/325898
&
http://technet.microsoft.com/en-us/library/cc776774(v=ws.10).aspx

Hope that helps :)
0
 
LVL 2

Accepted Solution

by:
titan123 earned 57 total points
ID: 39256368
Hey would you be interested to a third party tool for the same.

For files and folder monitoring

Thanks.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question