Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

inheritable Permissions / "you can't remove _______ because this object is inheriting permissions from its parent..."

Posted on 2016-11-02
7
Medium Priority
?
586 Views
Last Modified: 2016-11-02
At our company, we have a shared folder system.  There is a 2017 Budgets folder that my former boss set up so that everything inside this folder inherited the permissions of that parent folder.  I have a folder (of about 20 total) directly inside this Budgets folder in which I need to remove one specific user from.  Obviously, when I attempt to remove the user from the child folder, I get the "you can't remove _______ because this object is inheriting permissions from its parent" message.  If I click Advanced on the permissions of the child folder, un-check the Include inheritable permissions from the object's parent and click Remove, it wants to remove everyone's permissions (which I am trying to avoid).  Is there a better way to remove this one person without wiping everyone out and re-adding the ones that should have stayed?  Also, there are child folders/files inside this child folder that I want to inherit the new permissions I have modified.
0
Comment
Question by:Keith Schroeder
  • 3
  • 3
7 Comments
 

Expert Comment

by:ManieyaK_
ID: 41870290
yes the best way to accomplish this is set up Security Groups
manage users / permissions using these groups instead of assigning individual user rights
0
 

Author Comment

by:Keith Schroeder
ID: 41870307
for this particular situation, its a little late for that.  not sure how this helps.
0
 
LVL 35

Expert Comment

by:it_saige
ID: 41870391
You fail to mention your second option when you remove inheritable permissions.  When you disable the inheritance, you can remove all of the permissions or add/copy/convert (depending on your OS) the current permissions that are inherited; e.g. -

Windows 8/8.1/10 & Server 2012 -Capture.JPGWindows Vista/7 & Server 2003/2008 -Capture.JPGWindows XP/2000 & Server 2000 -Capture.JPG
Choosing the add, copy or convert option will cause the OS to use the current inherited permissions as a template for new explicit permissions.  Once you have converted them to explicit permissions, you can remove the offending permissions.  You can also apply the explicit permissions to the child objects by selecting the appropriate option after you convert the inherited permissions into explicit permissions (this way removing the offending permissions will cause all child objects to update).

-saige-
0
WatchGuard Case Study: Museum of Flight

“With limited money and limited staffing, we didn’t have a lot of choices in terms of what we could do to bring efficiency. WatchGuard played a central part in changing that.” To provide strong, secure Wi-Fi access within the museum, Hunter chose to deploy WatchGuard’s AP120 APs.

 

Author Comment

by:Keith Schroeder
ID: 41870408
Its a Server 2008 machine.  I did mention the remove option in my original post.  If I click Remove though, it takes out every user who was granted access via the inheritable permissions option in the parent folder.  I then will have to re-add everyone who should have access.  Was trying to avoid that unless it is my only option.
0
 
LVL 35

Expert Comment

by:it_saige
ID: 41870419
You want to use the 'Add' option.  This will take the current permissions that are inherited and turn them into explicit permissions (any existing explicit permissions are ignored).

-saige-
0
 

Author Comment

by:Keith Schroeder
ID: 41870426
Are you saying I should add everyone again through that Add option and then those will override the inheritable permissions?  That sounds simple enough.  Do  I need to remove the inherited permissioned users once that is done?  I just opened the permission entry for one of the users to add them.  there are a lot of options.  What all do I choose to give them modify/write permissions but not full control/ownership?
0
 
LVL 35

Accepted Solution

by:
it_saige earned 2000 total points
ID: 41870437
When you chose the add option all of the permissions that you currently see will remain (they will just be explicitly set as opposed to inherited).  Once you do this, then you can select the option to apply the explicit permissions to any child objects.  Once applied, you will then remove the permissions associated with the user you are inquiring about.  This will remove the permissions from the current folder and all child objects.

-saige-
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Experts Exchange expands question security options for members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question