Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NTFS access to only one file

Posted on 2014-09-04
2
Medium Priority
?
277 Views
Last Modified: 2014-09-10
using Windows Server 2003 Standard as a file server.  we have a consultant coming in and they need access to only one file on our file server.  'Allow inheritable permissions' is on.  Is there a way to give this user 'modify' permissions on only one file (ie. 'document1.doc') and nothing else?

\\server1\shared\folder1

document1.doc
document2.doc
document3.doc
0
Comment
Question by:jkimzlg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 38

Accepted Solution

by:
Hypercat (Deb) earned 750 total points
ID: 40304419
Create a separate login for that user that is NOT a member of any of the groups that are included in the inherited permissions.  Then give that user account Traverse Folder/Execute File permissions to the upper level folders and Modify permissions to only that one document. Also be sure that if there are any share permissions involved that those are set to Read for this user account.
0
 
LVL 23

Assisted Solution

by:yo_bee
yo_bee earned 750 total points
ID: 40306988
I not sure you want to use Traverse/Execute setting because this will allow users to open files within the parent folder and if allowed to propagate to subdirectory then the user will be allow to open the files in the subs.

I would use List Content/read data instead then give the rights you want to the files or you can just give rights to a user account as describe by HyperCat to just the three files.  Then give them the complete UNC path to the three files.

So do not give any rights to consultant1 accept at the file level.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question