Permissions in Server 2008

Hello Experts!

I created a folder that need to be tightened down to one Full Control user.  Other users can read and execute.

However when I got that that folder form another user, that user can still make changes to the file.  Sharing is apparently different in '08 than it was in '03.

What all do I need to do to prevent changes to this file except by that one user?

Thanks

thedslguy
LVL 1
thedslguyComputer and Network ConsultantAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NVITCommented:
Assuming the UserToLockOut previously had the right to make changes before you locked it down, UserToLockOut must logout then logon to see new rights.
0
thedslguyComputer and Network ConsultantAuthor Commented:
NewVillageIT

UserToLockOut is a term with which I am not familiar.

Tell me more about it, please.

Thanks

tdg
0
NVITCommented:
Sorry, I just meant in general - the user you want to lock out or restrict from that folder or file. It is not a switch or setting.
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

thedslguyComputer and Network ConsultantAuthor Commented:
NewVillageT

OK, I get it.

Look at the screenshot I sent.  you will notice that Users is the user I have selected and it is both Full Control and greyed out so I cannot change it.

I believe this is the reason that any user can make changes to the file.
0
NVITCommented:
I don't see an attachment.

when I got that that folder form another user
Please clarify.

What have you done so far to try to restrict access?
0
thedslguyComputer and Network ConsultantAuthor Commented:
NewVillageT

That should have read "When I go to that folder from another user....."

I have given one user Full Control and the other users I gave Read & Execute

I'll get another screenshot and attach it
screenshot.jpg
0
NVITCommented:
EDIT #2:

Logon admin.

Make a test folder and copy some files to it.

Right- click the folder. Properties. In the Security tab , pick Advanced. Pick Change Permissions. Uncheck Include Inheritable Permissions from parent. In the pop up dialog, pick Add.

Pick OK until you're back to the Security tab. Pick Edit.

Here, Add and Remove users and groups.

Make sure the restricted user and his groups just has Read & Execute rights.

But, make sure your Full Control user, administrator or domain admin is included with Full Control rights.

Pick OK when done.

Logon the restricted user. Can he see the folder contents? He may be able to see the folder but not the contents.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
thedslguyComputer and Network ConsultantAuthor Commented:
NewVillageIT

I'll try this over the weekend.

Thanks

tdg
0
thedslguyComputer and Network ConsultantAuthor Commented:
I tried this and the result was a loss of information such that the user had to rebuild the file.
She was pretty upset and so was her boss.

They have decided to leave it as is.

There is definitely something wrong with the file, but I'm not willing to risk any further damage.

I will split the points

tdg
0
thedslguyComputer and Network ConsultantAuthor Commented:
Oops

No need to split them.
0
NVITCommented:
@thedslguy,

I'm confused. You awarded points but it doesn't sound like it worked due to "...loss of information"

Still, the steps I showed would not damage the file contents. At the most, it would hide the file itself from certain users except the Full Control user, domain admin, or administrator. The file would still be there, accessible to these excepted users. In addition, I mentioned to do a test folder.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.