NTFS modify but not delete

  • Thread starter Thread starter Julian Dragut
  • Start date Start date
J

Julian Dragut

Hi Guys,

I know it sounds trivial and maybe sounds like a stupid question but I
couldn't really find a way to prevent my users from deleting files from a
shared folder on a file server, but still be able to create and modify.

The folder contains only office documents (and I know they create a special
temp file once opened), and it's either the users modify but then they can
delete files, or they cannot delete files but they aren't able to save the
changes to the files at all.
Any input would be highly appreciated!
data:
Win2K domain, ntfs 5, either basic or dynamic disks, I think the file server
might have been an NT4 before, brand new test users, brand new test security
groups, no luck whatsoever
PS: I was able to do it on any non office files (ie txt)
Julian Dragut
 
Try adding a grant of modify for Creator Owner,
possibly also adding a grant so that Users can create
new files (depending on just what they already have).
The Creator Owner grant will let them delete the temp
files that are created while editing the Office docs as
each account will be owner of the ones it has caused.
 
Thank you Abell,

That means that the users will be able delete, which is exaclty what I don't
want them to do!
 
It means they will be able to delete what they created,
such as the temp files. It does not mean they will be
able to delete files that they did not create.
 
Thanks again Abell,

It was clear to me in the first place; however, files created by them can be
deleted and I don't want that, plus the rest of the users are still unable
to save the modified files.....feel like I'm missing something here (back to
the ntfs basics maybe?)
 
But you see, you have now added another part of the
requirement - that they can create files there also.
Before you only said modify file but not delete.
The solution I indicated works if you are willing to
allow one user to be "master" or "originator" of a
document, and all others to be editors of it (but not
able to delete it). The originator of the file will have
the ability to remove what they started (unless the
ownership and direct grant to that originating account
are periodically removed by nightly script).
 
Thank you Abell,
It seems that this (master - modifier) it's my only choice ...sadly!
Thank you for your prompt responses!
Julian Dragut
 
Julian Dragut said:
Thank you Abell,
It seems that this (master - modifier) it's my only choice ...sadly!
Thank you for your prompt responses!
Click to expand...


You are welcome Julian.
Notice that this in not a Windows design issue, but a failing
of Office to recognize why we have %temp% and %tmp%
environment variables and using them.
<aside>
would someone please slap that Office group upside the head
</aside>
 
Hear ya!
100% agreed
Julian Dragut
Roger Abell said:
You are welcome Julian.
Notice that this in not a Windows design issue, but a failing
of Office to recognize why we have %temp% and %tmp%
environment variables and using them.
<aside>
would someone please slap that Office group upside the head
</aside>
Click to expand...
 
Back
Top