General discussion

  • Creator
  • #2091369

    NT Folder Permissions


    by gary haldane ·

    Is it possible to stop a user from copying or dragging a folder to which they have minimum or no permissions to a different location.
    Once a copy has been made then the user has access to all sub-directories and files.

All Comments

  • Author
    • #3880237

      Create a profile…

      by parsonsac ·

      In reply to NT Folder Permissions

      using the profile manager, create a profile for the user and then restrict the rights the user has to move folders

    • #3880208

      No permissions means no permissions

      by pkust ·

      In reply to NT Folder Permissions

      If a user has no permissions (Permissions setting No Access), then they will not be able to access a file or folder, period. To copy a folder requires, at a minimum, read permissions. No Access would prevent unauthorized copying–along with everything else.

      Consequently, a user can copy a file or folder only if they have access to it to begin with. If access is your concern, set users’ access rights to No Access where appropriate and be done.

      The far more delicate scenario (and, unfortunately, the far more likely one), is where a user needs Read access, and the need exists to restrict the users ability to transfer data to a local hard drive or other place on the network. Profiles that limit the ability to copy files and folders is one mechanism that should be considered. Also, one needs to address permissions across the network. In such an environment, users should not have access to directories without explicit need, and even the concept of personal directories should be critically examined. To address the concern of unauthorized replication of data, you have to look not only at the permissions at the source, but also on all potential destinations. If there’s no place to which data can be copied, then the data can’t be copied at all.


      Peter Nayland Kust
      TekMedia Communications

      • #3870084

        An Alternative Method for Access Control

        by brucegyl ·

        In reply to No permissions means no permissions

        I have this concept in place:
        Give each user full access to his/her own directory of data and ‘no access’ to the other users. Create a Public directory in each folder for groups of like users and give all the users in the group full control of this Public dir. Any one can copy a file into this dir and allow the other user to view, copy, or move to their own directory. This will compartmentalize and secure each user’s data from any other user on the system. Public directory access will be simplified if your users are members of a ‘group’ you create. The access to Public would not have to be updated for each new user. Just delete old users and add new ones to the authorized ‘group name’. Good Luck.. bruce gayle

Viewing 1 reply thread