DP230
asked on
Problem in users's permission on shared folder in AD 2012R2
Dear Team, we grant permissions on Active Directory 2012 folders but seems like it did not correct.
We'd like to have this schema:
- User1(duypvn) and User2(trang.vu) are members of group IT
- User1 can Delete (Modify), Read, Write subfolders and files inside folder IT (#1)
- User2 can only Read and Write subfolders and files inside folder IT (#2)
We did these settings but could satisfy only #1
We got this error when testing #2. User2 COULD create NewFolder, New Files but COULD NOT rename them although it had Write permission
Is there any way which an user can read/write/modify folders/file but CANNOT delete them? Can you please suggest? Many thanks!
We'd like to have this schema:
- User1(duypvn) and User2(trang.vu) are members of group IT
- User1 can Delete (Modify), Read, Write subfolders and files inside folder IT (#1)
- User2 can only Read and Write subfolders and files inside folder IT (#2)
We did these settings but could satisfy only #1
We got this error when testing #2. User2 COULD create NewFolder, New Files but COULD NOT rename them although it had Write permission
Is there any way which an user can read/write/modify folders/file but CANNOT delete them? Can you please suggest? Many thanks!
User needs Full Control of their own folder (shown not done above). So you need to check Full Control for them to be able to Delete.
ASKER
Don't you understand my question? I 'd like them can rename file/folder but cannot delete them. Is it clear?
Yes, I understand but a user needs Full Control or the ability to Modify which I do not see in the user permission list.
User 1 seems to have Modify ability
We have no issues with Users on Server 2012 R2 at any client.
Can you make User 2 exactly like User 1?
Also for any Standard User, share name should not end in $ - make it a standard folder name.
User 1 seems to have Modify ability
We have no issues with Users on Server 2012 R2 at any client.
Can you make User 2 exactly like User 1?
Also for any Standard User, share name should not end in $ - make it a standard folder name.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Never ever give users full control on their files and it is not required to delete files.
You can set up the above automatically with this tool
https://www.experts-exchange.com/articles/32349/FSMainFolder-Files-Server-Structure-Automation-Tool.html
You can set up the above automatically with this tool
https://www.experts-exchange.com/articles/32349/FSMainFolder-Files-Server-Structure-Automation-Tool.html
To Delete Users need Modify ability which is very close to Full Control and ONLY for the User's Folder not for general folders at all. I agree with you given the latter point here.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Accept: David Johnson CD MVP (https:#a42629995)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Accept: David Johnson CD MVP (https:#a42629995)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
seth2740
Experts-Exchange Cleanup Volunteer