Folder Permissions

[Michael Mishler]

The problem:

MSN Messenger creates a <username>.xml file for those who chat on MSN
Messenger. It stores their chat history in this file. Employees on this
network use MSN Messenger all the time. We would like to police their
conversations to assure they of a professional nature and not personal.
They know that we are tracking their IM's and have figured out how to delete
the <username>.xml files off their hard drives as to hide information.

The question:
How do I create a folder that MSN Messenger can write to, but not delete?

What I've tried:
I've created the folder and went into the security settings. I went into
special permissions (advanced settings) and gave "allow" permission to
Create Files/Write Data and Create Folders/Append Data. Then I denied
permission to Delete Subfolders and Files and Delete permissions. What it
does, is it will allow the <username>.xml file to be created, but it won't
allow data to append to it. It acts as though it want to delete the file
when all I'd like to do it append data. If I allow the Delete permission,
then the employee can simply delete his data and that would defeat the
purpose.

Thanks for any and all input.

~Michael Mishler

 

[David Adner]

Not sure this is possible (or at least realistically possible). As an
alternative, you might try enabling auditing on the folder and its
contents and then sending a firm policy out stating what's going on and
anyone who deletes the file will be subject to public flogging. You're
dealing with adults, not children, and your company's integrity comes
before their personal privacy while at work. You also might look into
other methods, such as keystroke recorders or something like that. I've
never used one myself.