Options
NTFS file permissions
Guys,
I have a question maybe one of you guys can help me out with. We have a customer where they scan documents and it goes into a "scans" folder inside their server. Now they use a software called XnView to view the scanned images in the tree of fodlers on the server. Everyone should and does have access to the "scans" folder. Now there is another "client Scans" where everyone should be able to read and pass documents to it... but not delete from it. Only one person from the company should have privilage to delete from the "client scans".
I have tried but there just seems no way to let people write to the folder "client scans" without letting them delete.
Any tips?
Thanks
I have a question maybe one of you guys can help me out with. We have a customer where they scan documents and it goes into a "scans" folder inside their server. Now they use a software called XnView to view the scanned images in the tree of fodlers on the server. Everyone should and does have access to the "scans" folder. Now there is another "client Scans" where everyone should be able to read and pass documents to it... but not delete from it. Only one person from the company should have privilage to delete from the "client scans".
I have tried but there just seems no way to let people write to the folder "client scans" without letting them delete.
Any tips?
Thanks
Comments
-
Options
terryfera
Member Posts: 71 ■■■□□□□□□□
You should be able to set the delete permission through the Advanced settings in permissions.
So just open the Security tab on the folder properties, click the advanced button, (might need to press change permissions), Edit..., Add the group or modify the group you want and remove the delete permission. -
Options
Darian929
Member Posts: 197
Issue is this. There is the Domain Users group which everyone belongs to and then there is the other user who should have the full permissions to that "client scans" folder. Now sicne the user also belongs to the "domain user" group if you apply "deny delete" on the domain users group when you try to apply full rights on the special user the "Deny delete" permissions will take over the rights permissions onthat user because it belongs to both groups. A bit of a confusing topic to explain. -
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
If you simply revoke (uncheck) the modify permission, that would revoke delete as well. If they don't need to modify any of these files once they are written, then you could just give everyone read/write/execute, and the one person who is authorized to delete the additional permission of modify.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
OptionsDarian929
Member Posts: 197
blargoe.... so what you are saying is on the "clients scans" just for domain users uncheck the Modify permissions and on the privileged user check the modify.. then everyone should be able to write to the "client scans" folder but not delete from it? Only the privileged user should be able to delete. correct?
Thanks -
Optionsterryfera
Member Posts: 71 ■■■□□□□□□□
Yup you got it, just so you can see what it should look like and what the effective permissions for each user would be here's an example:
Modify User - Permissions:
Modify User - Effective Permissions:
Read/Write User - Permissions:
Read/Write User - Effective Permissions: