Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Read/Update/Copy/Print security on a file

Status
Not open for further replies.
MDJ52

MDJ52

MIS
Mar 30, 2001
120
0
0
US
I have a rather strange request from my manager. We have a file that contains information about the vendors we deal with on certain parts.
This information is viewable by anyone on the network. They have found that someone copied the file and then printed it, since the print format lines still show when you open the file.
They would like to have very tight security put on this file. Here is the request. Provide update capability to only 2 users. All other users should have read capability only. No user, unless they go through the administrator shall have permission to copy or print the file.
I am running NT-4 on the server where the file resides. The server is also utilizing NTFS for the hard drives. We are a small company with only 35 users on the network. It would also be good to come up with some sort of program that could track the users names by time and date who update the file.
Thanks for any help.
 
Sort by date Sort by votes
I don't know how to log when a certain file is printed, but this should help you out:

You need to create a group for the users who can modify the file (maybe call it HalfAdmins)...Add the users who you want to modify the file to that group.
Also create a group for all other users. Add the other users to that group.

Then, you need to set security on the file or directory n question. Right-click the file or dir and seelct Properties, then hit the security tab... It's all right there:
For auditing, add the everyone group, then set what you want to audit.
Security... add the groups you created above, and set each selection for each group... Maybe don't even let the second group view the file at all.
 
Upvote 0 Downvote
You can create a group and do what dredoggg said but in your case I don't think it is necessary. I am assuming that you have a domain setup.
By default when a new folder is created in NT "Everyone" has full control.
Knowing that, all you need to do is right click on the folder, go to Properties, Security and remove the "Everyone" entry from the list, add the "Administrators" group to the list with "Full Control" and add your 2 users with "Read, write, execute" control.
Again, right click on the folder in question, go to properties, security, Audit. Add the two users you want, to the list and put a check mark in the success column for: "Read," "Write," and "Execute." Put a failure check mark in the rest. Place a check mark in "Replace permissions on Subdirectories," Apply and OK. It's that easy.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
105
microsGuy16
microsGuy16
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
84
DrB0b
DrB0b
lacked
  • Locked
  • Question
problem with windows update on windows server 2016
Replies
1
Views
53
maybeimaleo
maybeimaleo
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
141
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
135
gbaughma
gbaughma

Part and Inventory Search

Sponsor

Back
Top