Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Windows Permissions - File Share Permission

Posted on 2014-10-20
2
Medium Priority
?
270 Views
Last Modified: 2014-10-20
We have a client that had an employee be fired, the employee deleted all their files from a shared drive.

We had backups so we restored the files, but now the customer wants to make the entire file share only give users the option to change files and not delete it.

I am having issues getting this done.

1. No matter what special permissions I use, the user either cant save the file if they modify it, or they can save and delete the file.
2. If a user creates a file and save it into the drive, then the file has that user on it as full permissions by default.  The properties from the folder above populates down, but adds the user that created it to the folder.

My question is, how does everyone do this?  My suggestion was to have a monthly backup.  It will keep 28 revisions in the cloud so thats 28 months worth on top of the daily backup that is done.

Any suggestions to how we may do this or what is best practice?
0
Comment
Question by:considerscs
2 Comments
 
LVL 22

Accepted Solution

by:
Joseph Moody earned 2000 total points
ID: 40392016
You would want to change the creator/owner permission so that they don't have the delete folder/delete file option.

I honestly think your method of backing up and restoring is better. Removing the delete option will be a huge hassle and will lead to file system bloat as users stop cleaning up old stuff.
0
 
LVL 1

Author Comment

by:considerscs
ID: 40392022
Joseph,

Thanks for the information.  You are exactly right in what my thinking is.  I don't like the option of not being able to delete as users cant clean up and from what I have seen so far, temp files arent deleted either.

Thanks for the suggestions.  I am trying to push them to just the backup option.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question