Solved

Preveng Delete on Shares

Posted on 2013-06-17
10
181 Views
Last Modified: 2013-07-03
Hello......how can I prevent users on deleting files on a shared folder in Windows Server 2008?

OS: Windows Server 2008 R2
0
Comment
Question by:CCS-IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
10 Comments
 
LVL 55

Accepted Solution

by:
McKnife earned 500 total points
ID: 39254761
This cannot be answered as we don't know how the share is being used.
Example: you keep office documents there. When users open, edit and then close documents on that (now "non-delete-") share, office will throw errors because it would no longer be able to delete temporary files... which are indeed placed right there where the original document lives - not practicable.
0
 

Author Comment

by:CCS-IT
ID: 39254959
McKnife,

Only users authenticated through Active Directory can access the shares, which resides on the Win 2008 server. I hope this helps.

Thank you.
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39255093
remove the modify and delete NTFS permissions BUT if a user opens a Microsoft Office Document the program creates a temporary file and when you save it or exit the program even with NO changes the original file is deleted and the temporary file is renamed to the original file
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 55

Expert Comment

by:McKnife
ID: 39255566
CCS-IT, you miss my point. Please tell us if you keep office documents there or not. if not, make sure there are no other doc types in there that create temporary files right on the share on opening.
BECAUSE if they did, you simply cannot use a "non-delete-share".
0
 

Author Comment

by:CCS-IT
ID: 39258050
McKnife, yes there are various doc types in the shared folders.  My simple goal is to prevent a user from deleting a sub-folder files in the sub-folder on the share.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 39258059
> My simple goal is to prevent a user from deleting a sub-folder files in the sub-folder on the share - yes, that was easy to guess.
> there are various doc types in the shared folders - that was not the question. Question was: do these "doc types" generate temporary files on the share the doc resides on when opening? This has to be tested.
0
 

Author Comment

by:CCS-IT
ID: 39260769
I apologize McKnife for not understanding your question at first, How do I test if "these "doc types" generate temporary files on the share the doc resides on when opening"?  Or where do I look for these temp files to appear when I open one of the docs?
0
 
LVL 55

Expert Comment

by:McKnife
ID: 39261646
This has to be tested. Copy the share or parts of it, modify the ACLs so that deleting is denied and try to open and close all relevant file types. [these temp files, as mentioned, would appear right at the place where the document itself lies, they might be hidden in explorer, if your view settings don't display hidden files, you won't see those - take word docs for example, they create such temp files, having the same ending (.doc/.docx) but a prefix ~$ .
0
 

Author Comment

by:CCS-IT
ID: 39266691
McKnife, when I open excel and word documents, I don't see the temp files.  But I tested under another user and was able to see the temp files. Is it possible for me to prevent delete if this is happening?
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39267217
We have been telling you repeatedly that NO it is NOT possible.

What you can do is set up a directory structure and permissions  i.e.
sales -  (manager has complete permissions  read/write/modify/delete
--- accepted documents -- manager read/write/modify/delete  sales dept users only
                                            READ   and or READ/WRITE requires manager to modify/delete
---  pending
          -- user1  only manager and user have access to this folder (read/write/modify) others
                          just read access
          -- user 2   ditto above
          --  user 3   dito above
--- sales group shared -- all have read/write/modify delete

The manager can move documents up the tree but once they are committed the sales team only has read access and if they want to save a new version the older one can only be overwritten by the manager and can only be saved in their OWN or the Group Folder
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The way I use Experts Exchange to assist me in analyzing and diagnosing a problem is I first enter a Verbose Question at Experts Exchange like: Office 2007 will hang when opening and saving files I then launch WordPad (any text editor will do) an…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question