NTFS folder permissions query

S

Steely

OSNN Addict
Joined
5 Mar 2002
Messages
71
Is there any way of protecting explicitly defined permissions for a sub-folder?

e.g.
Example folder structure

\PERSONAL DATA (read/write)
\PERSONAL DATA\USER 1 (inherited read/write)
\PERSONAL DATA\USER 2 (inherited read/write)
\PERSONAL DATA\SHARED DATA (inherited read/write)
\PERSONAL DATA\SHARED DATA\CONFIDENTIAL (explicit read only)
\PERSONAL DATA\SHARED DATA\ACCOUNTS (inherited read/write)
\PERSONAL DATA\SHARED DATA\SALES (inherited read/write)
\PERSONAL DATA\SHARED DATA\TECHNICAL (explicit access to group)\PERSONAL DATA\SHARED DATA\LEGAL (explicit access to group)


If someone were to look at the permissions at the \PERSONAL DATA\SHARED AREA and choose to 'replace permissions entries on all child objects with entries shown here that apply to child objects' this will force reinheritance again for the CONFIDENTIAL, ACCOUNTS, SALES, TECHNICAL and LEGAL sub-folders. The user is prompted to that effect, however mistakes happen especially when you're training less experienced support technicians.

Does anyone know of a way that we can stop the permissions from being reherited, via third-party software or tweak?

Thanks




Dan
 
Take away 'Full Control' from everybody except yourself for the folder \Personal Data\Shared Data

Without 'Full Control' one may not modify/change permissions on the folder, or take ownership for that matter.
 
Thanks for the reply. No-one has full-control permissions aside from myself and selected core admins, at best users have only read/write access.

Is it possible to prevent the explicit permissions in the \PERSONAL DATA\SHARED DATA\CONFIDENTIAL (explicit read only) from being reinherited from \PERSONAL DATA\SHARED DATA if someone selects the option to 'replace permissions entries on all child objects with entries shown here that apply to child objects'. I know you are warned that this will affect permissions on child folders, but it would be useful to have another contingency in place.

If third-party tools can be used, they must be Active Directory compatibile.

When you've got 50 parent folders, each containing 30 - 40 child folders and a further 20 - 30 child folders off those, each with permissions set a varying levels, if someone were dumb enough to replace permissions at the root, replacing all permissions on all child objects, it would take hours to sort! :squareeye :mad:

Cheers



Dan
 
You must log in or register to reply here.

Members online

No members online now.
Total: 405 (members: 0, guests: 405)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back