Controlling Directory access on a Windows Server

We have a Windows 2012 R2 server into which people can log in with their ID using Remote Desktop.
They log in to run various batch files and executables.  These program depend on certain files being in certain locations.
Some people are accidentally (I think) removing or renaming directories.
Is it possible to allow people to create, but not delete or rename existing directories?  The program people run are to ingest and reformat data, so it can be sent to our online database.  They do not remove or rename directories.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CESNetwork AdministratorCommented:
You could try making the directories read only as long as they don't need to write to the same location.
AlHal2Author Commented:
They do need to write to the same location.
NVITEnd-user supportCommented:
> Is it possible to allow people to create, but not delete or rename existing directories?

Do this on desired directories.
Note: Try on a test directory first to confirm confidence.

  1. Make sure user/group is not a member of a group in the list that has modify (or higher) rights. Else these steps don't work. Example: If inheritance is on and user/group is in Domain Users and Domain Users currently shows in the list, you'll need to remove inheritance first. Then remove Domain Users. Then do the steps and add Domain Users back in.
  2. Add the user.
  3. Change permissions to Modify.
  4. OK.
  5. Advanced.
  6. Change permissions.
  7. Double-click user.
  8. Change to "This folder only"
  9. Clear Delete box.
  10. OK to close dialog.
  11. Apply.
  12. Add.
  13. Add same user.
  14. Change to "Subfolders and files only".
  15. Pick Full Control. This puts checks in all the other boxes.
  16. Clear Full Control, Change Permissions, and Take Ownership.
  17. OK to close all dialogs.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
AlHal2Author Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.