Answer for:

Server 2008 permissions and Office 2007 tmp files

Message 2 of 2

View entire thread
0 Votes
Collapse -

I think you've basically answered your own question; go into Advanced and edit Special Permissions. Tick the Read, Create and Write options but don't tick the Delete options. No Delete also means no Modify or Rename which may or may not be an issue for you. I would recommend granting Owner delete permission - this will allow users to modify/rename/delete their own files, but not other people's.

I've never run into the Office tmp files issue, but from the above description we can probably guess what's going on. Office is saving (ie 'Creating') tmp files (possibly autorecover files) with the users credentials. Since the user doesn't have permission to rename or delete Office can't clean them up (rename or delete) when it's done.

If accidental deletion is an issue there are a few ways to mitigate against this:
* Disable drag and drop (a common way for files to suddenly end up in different folders).
* Turn on Previous Versions. This is an awesome feature and you can have versions created on whatever schedule you like. This won't stop the deletions, but will make it dead simple to recover from.
* Implement a continuous backup system, and consider giving users the ability to do restores.
* Consider a different way of accessing files, like SharePoint. This is a free product, has strong permissions (with ties into AD), has two levels of recycle bins (which are configurable), and makes it hard to accidently delete files.