Solved

Preveng Delete on Shares

Posted on 2013-06-17
10
173 Views
Last Modified: 2013-07-03
Hello......how can I prevent users on deleting files on a shared folder in Windows Server 2008?

OS: Windows Server 2008 R2
0
Comment
Question by:CCS-IT
  • 4
  • 4
  • 2
10 Comments
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 39254761
This cannot be answered as we don't know how the share is being used.
Example: you keep office documents there. When users open, edit and then close documents on that (now "non-delete-") share, office will throw errors because it would no longer be able to delete temporary files... which are indeed placed right there where the original document lives - not practicable.
0
 

Author Comment

by:CCS-IT
ID: 39254959
McKnife,

Only users authenticated through Active Directory can access the shares, which resides on the Win 2008 server. I hope this helps.

Thank you.
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39255093
remove the modify and delete NTFS permissions BUT if a user opens a Microsoft Office Document the program creates a temporary file and when you save it or exit the program even with NO changes the original file is deleted and the temporary file is renamed to the original file
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 54

Expert Comment

by:McKnife
ID: 39255566
CCS-IT, you miss my point. Please tell us if you keep office documents there or not. if not, make sure there are no other doc types in there that create temporary files right on the share on opening.
BECAUSE if they did, you simply cannot use a "non-delete-share".
0
 

Author Comment

by:CCS-IT
ID: 39258050
McKnife, yes there are various doc types in the shared folders.  My simple goal is to prevent a user from deleting a sub-folder files in the sub-folder on the share.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39258059
> My simple goal is to prevent a user from deleting a sub-folder files in the sub-folder on the share - yes, that was easy to guess.
> there are various doc types in the shared folders - that was not the question. Question was: do these "doc types" generate temporary files on the share the doc resides on when opening? This has to be tested.
0
 

Author Comment

by:CCS-IT
ID: 39260769
I apologize McKnife for not understanding your question at first, How do I test if "these "doc types" generate temporary files on the share the doc resides on when opening"?  Or where do I look for these temp files to appear when I open one of the docs?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 39261646
This has to be tested. Copy the share or parts of it, modify the ACLs so that deleting is denied and try to open and close all relevant file types. [these temp files, as mentioned, would appear right at the place where the document itself lies, they might be hidden in explorer, if your view settings don't display hidden files, you won't see those - take word docs for example, they create such temp files, having the same ending (.doc/.docx) but a prefix ~$ .
0
 

Author Comment

by:CCS-IT
ID: 39266691
McKnife, when I open excel and word documents, I don't see the temp files.  But I tested under another user and was able to see the temp files. Is it possible for me to prevent delete if this is happening?
0
 
LVL 80

Expert Comment

by:David Johnson, CD, MVP
ID: 39267217
We have been telling you repeatedly that NO it is NOT possible.

What you can do is set up a directory structure and permissions  i.e.
sales -  (manager has complete permissions  read/write/modify/delete
--- accepted documents -- manager read/write/modify/delete  sales dept users only
                                            READ   and or READ/WRITE requires manager to modify/delete
---  pending
          -- user1  only manager and user have access to this folder (read/write/modify) others
                          just read access
          -- user 2   ditto above
          --  user 3   dito above
--- sales group shared -- all have read/write/modify delete

The manager can move documents up the tree but once they are committed the sales team only has read access and if they want to save a new version the older one can only be overwritten by the manager and can only be saved in their OWN or the Group Folder
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In a hurry?.. scroll down to "HERE's HOW TO DO IT" Section. Greetings All, I was going to post this as question/solution, but its seems more appropriate as an article considering its length.  I felt it important to illucidate all the details c…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question