RE: NTFS permissions isses
From: Kim K (KimK_at_discussions.microsoft.com)
Date: 11/29/05
- Next message: Laura \( '_' \): "Re: XP internet security broken"
- Previous message: Roger Abell [MVP]: "Re: IPSec how to block only incomming traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 29 Nov 2005 06:40:08 -0800
See answers below:
1. No, even as the admin logged into the machine I nor the user) can delete
anything
2. Effective permissions shows that Domain Admins and local administrator
have all and full rights to everything, and windows can not calculate the
permissions levels for the user of the folder.
3. No
4. No GPO have been deliberately set by myself, all are default.
I tried to recheck “Replace permission entries…” etc and got an error
message "an error occurder when trying to apply security information to
(path) Access Denied."
I was not able to delete the folder until I unshared it and went to Owner
and selected the Administrator account and Replace owner in subcontainers and
accounts.
Maybe this will help:
I have a folder on the drive that containes all the staff folders. The
folder on the root of the drive is NOT shared, the folders within are all
shared in this fashion; nameofuser$, sharing and security are set to everyone
and full control, advanced options -I add the Domain Admins, I check the
Allow inheritable permissions and say yes to allow that, I then select the
“Replace permission entries…” and say ok to allow that. The staff memeber
is given modifyable control and Administrator and Domain admins have full
access and control. All are able to save things TO the folder - none can
delete.
Thanks.
"Wong Tuck Wah" wrote:
> Hi Kim, are you able to verify the following few things.
>
> 1. can they delete if they login locally on the server, instead of thru the
> shared folder
>
> 2. use the effective permissions for NTFS to check what is they have delete
> permision
>
> 3. since you allow inherited permission, is/are there any groups which have
> explicitly deny permission
>
> 4. are there any GPO which has set the security on the file system
>
> Knowing all these can reduce the scope for troubleshooting.
>
> "Kim K" wrote:
>
> > Issue: Shared folders on server 2003 for staff can send data to their
> > folder but they can not modify or delete files/folders. Administrator of
> > server can not delete folders although it appears to that single files not
> > placed in folders can be deleted. When trying to delete folders/files, the
> > message that "make sure the disk is not full or write-protected or in use
> > message appears and denies access to deletion for user and all admins.
> >
> > Setup: Folder created and hidden, properties and permissions are set to
> > Everyone and full control. Under the security tab, Domain Admins are added
> > and set to full control, as well as the administrators of the server. The
> > user has been set for everything but full control. Under the advanced
> > permission settings the Allow inheritance permissions got checked and ok to
> > the message that appeared and then I checked the Replace permission entries
> > on all child objects with entries shown here that apply to child objects and
> > clicked ok. The Administrators and Domain Admins show full control, the user
> > is Modify and nothing is inherited from, applies to is This folder,
> > subfolders and files.
> >
> > Administrators, Domain admins nor the user can delete any files or folders
> > form the users folder. If I go back to the advanced permission settings the
> > Replace permission entries on all child objects box is now unchecked. Since
> > this appears on all my staff folders I assume that this is normal, but what
> > am I missing that is not allowing for admin access to delete a simple folder?
> >
> > Thanks in advance to this nutty problem.
- Next message: Laura \( '_' \): "Re: XP internet security broken"
- Previous message: Roger Abell [MVP]: "Re: IPSec how to block only incomming traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
