?
Solved

How to best manage folder and file security

Posted on 2016-11-30
4
Medium Priority
?
158 Views
Last Modified: 2016-11-30
I constantly struggle with deleting folders or files due to permissions.  For example I was testing our backup software and restored a backup of one folder with multiple sub-folders.   I tried to delete the restored folders and every folder except 1 deleted.  Inside the folder that didn't delete were sub-folders.  
I checked the security on the root folder and domain admins and everyone had full permissions.   I checked the box "replace all child object permissions".  When I clicked apply, I got the message "failed to enumerate objects in the container Access denied".  I checked and 3 of the sub-folders that had more sub-folders in them all had the permissions from the root folder.   The last sub-folder displayed "you must have Read permissions to view properties of this object"

This is not uncommon.  So my question is how do I change permissions all the way from the root to all sub-folders without having to do them one at a time?   Is this  Windows issue?
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
masnrock earned 2000 total points
ID: 41907774
You need to verify the permissions of the subfolders in question. It could be the admin accounts were actually denied permission. For things like that, that's why you do not want to give users the ability to change the permissions on folders or files. On occasion, permissions do get corrupted, and you're forced to take ownership of the folder in order to fix things. The corruption is unfortunately not really an avoidable thing. You just have to be sure to keep good backups :)
0
 

Author Comment

by:J.R. Sitman
ID: 41907777
I seriously doubt any user changed the permissions.  Possible but not likely.  I haven't heard of permissions corruptions.   Good to know.
0
 
LVL 31

Assisted Solution

by:masnrock
masnrock earned 2000 total points
ID: 41907806
That aside, you were doing things right. I'd also recommend generally trying to avoid having subfolders with different permissions and instead try to those instances as separate shares. Can become administratively annoying though.
0
 

Author Closing Comment

by:J.R. Sitman
ID: 41907960
Thanks
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How does someone stay on the right and legal side of the hacking world?
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question