There are bugs on my file server on the files/folders permissions side.
I had the same bugs in a previous company with again a windows 2003 std srv

There is 2 type of bugs:
1- The permissions change all alone from one day to the next.
  I have a good exemple here case it's a single folder with only 10 xlsx files in it so it's easy to follow. I re-setup the permission yesterday and now they are all screwed. The permission are simple Domain Users = read write but no delete
Now today I see individual users name listed in there! And they are in gray which says they are inherited from the parent but when I look on the parent folder, that username is not listed!!! which brings me to the second point...

2- Permissions on children mark "inherit from parent" are not matching!
  This one is fascinating cause you can see it right on the spot!

-A chkdsk use to fix it but I cannot reboot the server every day for that it would be ridiculous...
-All windows updates are applied
-And I had this on another server in another company so it's not "just this machine"
tx! for the infos
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas GrassiSystems AdministratorCommented:
have you checked the vent logs to see if you have ay messages appearing?

This the only DC in the network?
What permissions do you have at the Folder Level?  Do they include CREATOR/OWNER?  If so, what are those permissions set to?

philjansAuthor Commented:
I started the auto for "everyone" on permissions change
My other dc is not a file server it's an exchange
On the parent folder I have:
Creator owner  special permissions which when clicking on Advanced it says full control subf and files only
Domain admins full
groupe_admin modify
SYSTEM full control
Users all but delete, full control, change permissions

And if I go on one of the files under called "commandes" I see in the permissions
Ben -Full Control - Inherited from ...\Parent\     which cannot be!

And if I uncheck "Allow inheritable permissions from the parent..." and select "copy" then delete all except domain admins and click ok... all are gone but when I re-check "Allow inheritable..." "Ben" comes back there???
Active Protection takes the fight to cryptojacking

While there were several headline-grabbing ransomware attacks during in 2017, another big threat started appearing at the same time that didn’t get the same coverage – illicit cryptomining.

Thomas GrassiSystems AdministratorCommented:
I have see Allow inheritable disappear when the users are members of the domain admins group
CREATOR/OWNER is giving full permissions.  This is your standard inheritance.

philjansAuthor Commented:
IT saige: I'll change it to see but since it's only one folder and 10 files xls under that folder and no new files are put in place just edited why would names with full controls would appears on some of those 10 files?

And why would I see a name on a file that is "coming from the parent folder" but not on the "parent folder"...
Because of the CREATOR/OWNER permission.  This is the reason why taking ownership allows for you to modify files/folders that you otherwise would not be able to.

philjansAuthor Commented:
yes but:
- no one here knows how to take ownership especially "Ben" and "Michelle"
- I still see "Ben" as his name inherited on the Security tab even though he is not listed under the folder's permissions....
CREATOR/OWNER is listed as the permission.  CREATOR/OWNER is given permission by way of SubFolder and Files.  So in a folder structure like this:Capture.JPGTestFolder contains a CREATOR/OWNER permission.  The CREATOR/OWNER permission is applied to TestSubFolder1 and TestSubFolder2 as an inherited permission from TestFolder and changed to show who the current CREATOR/OWNER is; e.g. -Here CREATOR/OWNER gives full permission to Subfolders and FilesOn the SubFolder you see that CREATOR/OWNER is here but it is inherited from the parent.  testuser on the other hand is explicitly defined by way of their OWNERSHIP of TestSubFolder1.For a file, CREATOR/OWNER is replaced by the OWNER.If I remove testuser from the TestSubFolder1 screen capture permissions list, you will still see him/her in the file security because testuser *is* the CREATOR/OWNER.

As for how it changes, the user does not need to know how to take ownership.  A process that is running using their credentials is definately capable of taking ownership of the files/folders (think AV scanning, backups or file moving processes).

philjansAuthor Commented:
Here's the Folder permissions
And there are no sub-folders just xls files there so here's the permissions of one of them:
I made sure "Benoit" or anyone else was Owner on any of those 10 files... But I still see "Benoit" in the persmissions...
For the OGP 2015 Livraison.xlsx, who/what is listed as the Owner on the Owner tab?

philjansAuthor Commented:
It's me "pjanson"
By your screen shot, it looks as if the Benoit Leduc permission is an orphaned entry.  Try deselecting the 'Allow inheritable permissions...' checkbox and selecting apply (make sure you choose Add or Copy).  Then you should be able to remove the orphaned permission.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
philjansAuthor Commented:
Yesterday I restricted permissions on OWNER CREATOR and making sure NO ONE had "Take Ownership" permission and today, almost all 10 files where back to owners other then me (either Michelle or Benoit)??
So now I just deleted OWNER CREATOR from the folder and reentered MY name as owner and I'll see tomorrow  if it get change again....
I did your "...uncheck allow from parent..." and it fix it but it comes back.... I'll see tomorrow if something move
Are these file's linked, restored from a backup or on removable storage?

Thomas GrassiSystems AdministratorCommented:
Are these files part of any script that might run and copy them move them modify them at all?

What type of backup product do you use?

Could it not be working properly and resetting the file attributes

Just some thoughts
philjansAuthor Commented:
Since removing OWNER/CREATOR I've monitor the files for a couple of days and here:
@Saige : no restore from backup ever. I have Veeam here
@trgrassijr55: no scripts. Those are 10 new file in a new folder, real simple setup.
 - Veeam
 - Since it's not restoring: I don't see how it will restore permissions

What I see now are not permissions on files that do not match those on the parent folder. that seems to be gone. But what I see are Owners attributed to some users instead of me.
There are only 2 groups that have the "Take Ownership" and it's Domain Admins of course and SYSTEM.  No other...??
philjansAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.