Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Sharing - Security Permission Conflicts

Status
Not open for further replies.
mark01

mark01

Technical User
Jan 17, 2001
600
US
Here is the setup on my Windows 2000 Server...
One user named "User"

C:\ <---Everyone---(Full Control)
C:\Folder\ <---Shared Permissions--(Only Read for both Everyone & User)
C:\Folder\Word\ <---Not Shared--Unchecked the inhertable permissions---Security--User--Full Control)

K, I have one user that I don't want deleting stuff in the C:\Folder\ directory, but I do want him to delete stuff in the C:\Folder\Word\ directory. When I log in and access the share, then go into the Word Subdirectory, it wont let me delete anything.

It will only let me delete stuff when I check the &quot;Write&quot; Permission on the Share (C:\Folder\) for the User...

How can I make this user have modify rights to the C:\Folder\Word\ subdirectory, and not the C:\Folder\ directory, without adding the &quot;Write&quot; permission to the share???

Thanx
 
Sort by date Sort by votes
You need to change the share permissions to modify and then restrict based on the ntfs permissions.

Right now, no one is going to be able to do anything if they connect through the share.

set it up like this
C:\ <---Everyone---(Full Control) (i would change this to admins and system, but thats just me)

C:\Folder\ <---Shared Permissions--(Modify everyone, you don't need to put the user in the shared permissions because he is a part of everyone)

C:\Folder <---NTFS permissions should be everyone read still

C:\Folder\Word\ <---NTFS permissions Add User and give him read/write permissions and he should be able to do everything you need)

hth
pat
 
Upvote 0 Downvote
Thanks, I'll try that...

I forgot to mention that I gave the user NTFS read permissions to C:\, which should be inherited by all the subdirectories.

If Everyone has full NTFS rights to C:\, and the User has read only NTFS rights to C:\, shouldn't the most restrictive of the two take over???

My user can delete stuff off of the share when I take him off of the share, and just put everyone with modify rights...
 
Upvote 0 Downvote
You said you had turned off inherited permissions though. If you have any questions, e-mail me and i can take some screen shots on the correct permissions.

hth
pat
pgoss@usgs.gov
 
Upvote 0 Downvote
IMHO...Refrain from using the group Everyone in your security plan.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

shmoes
  • Locked
  • Question
Delegating file admin permission
Replies
3
Views
143
SamBones
SamBones
amanua
  • Locked
  • Question
Event ID 4776 Security Log
Replies
0
Views
130
amanua
amanua
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2012.
Replies
0
Views
96
Bigbadjoe
Bigbadjoe
Bigbadjoe
  • Locked
  • Question
Issue with Security sharing folder on Server 2008
Replies
1
Views
86
wtotten
wtotten
kurio71
  • Locked
  • Question
Clean Install of 2016 - NTFS permissions
Replies
1
Views
112
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top