General discussion


Folder and file permission in Windows

By yadavshashi ·

As standard on every network there is a file server with a common share where most of the users have modified permission. But suddenly and quiet often folder are deleted, moved or users save the documents in wrong folder which is not very pleasant for other users and for the person who does that. So they come up with a logical structure how and where the documents should be saved.

And here start the problem. They have folders and subfolders and that goes up to 4 levels down. They want that existing folders and subfolders should stay intact users should not able to modify or delete them but on each level they could create a folder and file. I give you an example:

So the idea is on each level user should be able to create folder but must not modify the existing folder. That means folder1 unmodified but user could create folder2, folder1.1 and folder1.2 unmodified but they should able to create 1.3.
Oh yes file server is a Windows 2003 server. Any suggestion or advise is welcome.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to Folder and file permissio ...

Once you have given users the modify write, which they will need to create folders, you've given away the show.

The better solution is turn on folder auditing and see whom is deleting folders.

Collapse -

by lowlands In reply to Folder and file permissio ...

If you want to you can get as granular as you want. In the security\advanced tab you could set the modify permission for subfolders and files, subfolders only, files only.

So it should be possible to achieve what you are looking for. It might however turn into a management nightmare, so I'd have to agree with filmfan that auditing and educating users might be a better option.

Collapse -

by davebkelly In reply to Folder and file permissio ...

If I understand this correctly, you want the parent folders to emain instact and the users to be able to create and modify but not delete the child objects ?

Fistly, you will need to take a look at the security settings on the parent folders. It may be a really good idea to put all of your users into a group and apply permissions for the group rather than add all the users to the folder security and have to manage them all separately.

You need to apply the appropriate security settings to the parent folders. These should have create/modify permissions for your users but not delete permissions. You also need to make sure that the parent folders are not inheriting their own permissions from their own parent folders and also that they are not set to replace permissions on child objects. This is done via the folder properties/security/advanced button (the chsk boxes are at the bottom).

Obviously once you have sorted the permissions of the parent folders and stopped them inheriting then you can apply the differing security permissions to the child folders.

Remember though, if you DENY any permissions, this will deny to anyone who falls into the group that you deny. So don't deny to Domain Users if your Domain Admin happens to be in that group too............

Collapse -

by yadavshashi In reply to

Thanks you guys. It worked, its nice to have pepole like you in this world.

Collapse -

by yadavshashi In reply to Folder and file permissio ...

This question was closed by the author

Related Discussions

Related Forums