File/folder -windows security -Server 2003 /2008 - over the Network

My file server need to have some access to users with below combination

write to folder no delete
change to folder  no delete

I have set some setting on the local security modify /write with special permission to remove delete ? is that the right way
curAsked:
Who is Participating?
 
titan123Commented:
Hey would you be interested to a third party tool for the same.

For files and folder monitoring

Thanks.
0
 
Sushant GulatiConsultantCommented:
That is only write way or create a group, add the users in that group, create security filtering for that particular group and add users in it. Rather than playing with each single user and adding manually at the location.

You will understand in a better way. Here in this link everything is clearly mentioned. It will be easy manage and less hazardous.

Good Luck..!!
~SG~
0
 
oliverbobCommented:
Hey have a look at this solution, I'm sure it relates to your query only..

There is a Delete and a separate Delete Subfolders & Files permission. I checked to allow the Delete permission, left the other unchecked and it works. (obviously)

They can delete files but there is still the restriction on the parent folders, (from what I just researched) They are still kept from creating folders, so that part is in place at least.

Thanks for the help!

*btw: I do have daily backups, there is a lot of activity in this folder & this was more about project mgrs having control of it vs. users arbitrarily creating & deleting and doing their own thing. ;-)
0
 
curAuthor Commented:
bit more details . Any auditing can help me to trace the user activity  like delete/copy operation on the file server  . I hope we have more options in the 2008 and later ?
my one is 2003 advance server  .

I dont think we have any pug in for file serves to protect folder level password protection like Excel and word
0
 
VirastaRUC Tech Consultant Commented:
Hi,

Yes you can do that with the help of "Audit object access" audit event,however you need to enable this in GPO and also in the folder you want to audit.

Check the below articles for steps to perform on both sides

http://support.microsoft.com/kb/325898
&
http://technet.microsoft.com/en-us/library/cc776774(v=ws.10).aspx

Hope that helps :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.