Re: NTFS folder permissions - Creator Owner issue (I think)
- From: "F Laufs" <FLaufs@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 23 Jan 2006 08:22:02 -0800
Roger,
Thank you very much for your help.
You're saying that this group can change permissions even when not expressly
granted the permission to change permissions or denied it, but I have never
read this anywhere, and can't seem to find any documentation on it on the
net. (I do believe you as I have seen the results!) I'd like to read up on
the rights that this group has that I am not aware of.
We would really like to prevent users changing the permissions on folders
because they tend to lock themselves and IT support out of them. Do you know
of any method of doing this?
"Roger Abell [MVP]" wrote:
>
> "F Laufs" <FLaufs@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:77E028E8-8366-4069-A32A-F71710489B04@xxxxxxxxxxxxxxxx
> > Hi all,
> >
> > I need to set up the permissions on a folder so that:
> >
> > For users in Group 1:
> > Anyone can create a file or subfolder.
> > Anyone can edit any file.
> > Anyone can copy and paste any file or subfolder.
> > Only the owner can, delete, rename or move a file or folder
> > Anyone can view permissions
> > Noone can change permissions or take ownership
> >
>
> I doubt that that combination can be attained.
> The issue is in that some files are changed by use of a temp
> file that is renamed with the original deleted.
>
> > For users in Group 2:
> > They can create, edit, copy and paste, delete, rename or move any file
> > or folder, and view permissions.
> > They can not changer permissions or take ownership
> >
> > For Group 1, I ticked R&E, List, R and W in basic settings, and then added
> > a
> > Creator Owner group to which I gave modify rights. This got me pretty
> > close
> > to what I need, except:
> >
> > (1) when trying to move a file or folder, an error message appears as
> > expected for the file, but the folder error message says '...cannot
> > copy...'
> > and then copies just the folder. I suppose it doesn't actually move it
> > but
> > this will be confusing for the users
> >
> > (2) test user can change the permissions on own folders, definitely what I
> > don't want. (On checking the advanced permissions it explicitly shows that
> > change permissions is NOT ticked)
>
> The owner can always change permissions even when they are not
> granted the permission to change permissions or denied it. Think of
> the permission to change permissions as something only important
> for non-owners.
>
> >
> > For permission set 2 I was thinking of giving Modify permissions but,
> > again,
> > this allows users to change permissions on their own folders.
> >
>
> It is not the Modify grant that allows this but being owner that does.
>
> > I wonder if there is a simple explanation?
> >
> > Regards
> >
> > Fiona Laufs
> >
>
>
>
.
- Follow-Ups:
- Re: NTFS folder permissions - Creator Owner issue (I think)
- From: Roger Abell [MVP]
- Re: NTFS folder permissions - Creator Owner issue (I think)
- References:
- Re: NTFS folder permissions - Creator Owner issue (I think)
- From: Roger Abell [MVP]
- Re: NTFS folder permissions - Creator Owner issue (I think)
- Prev by Date: Re: PGP vs Digital IDs
- Next by Date: Re: Using CUSRMGR from Win 2K Resource Kit for Mass Admin Password Cha
- Previous by thread: Re: NTFS folder permissions - Creator Owner issue (I think)
- Next by thread: Re: NTFS folder permissions - Creator Owner issue (I think)
- Index(es):
Relevant Pages
|
