Hi,
I have a folder 'Clients' where users can create & delete files and folders as they want.
I allowed the groups of users Read, Read&Execute, Modify & Write Permission.
I want to create in this folder a subfolder 'Invoices'.
Where the users can't rename or delete the 'Invoices' subfolder (other subfolders can be renamed or deleted by users).
Where the users are allowed to create, delete files & folders in the Invoices subfolder
Thanks for helping me
Grégoire
-
A handy lookup chart: http://technet.microsoft.com/en-us/library/cc787794%28WS.10%29.aspx
To do this you'll need to turn off inheritance on that one folder, and set a series of rights. This is all done under the 'advanced' tab for permissions, or from the command-line if you'd rather. Unfortunately, the commands change between WinXP and Vista/Win7.
If you want to just allow creating/deleting files in the Invoices sub-folder, but not modifying anything, and prevent delete/rename of the Invoices folder...
On the Invoices folder:
- Block inheritance from parent folder
- Set to "This object, sub-folders and files" (the default)
- Traverse Folder / Execute File
- List Folder / Read Data
- Read Attributes
- Read Extended Attributes
- Read Permissions
- Set to "Sub-Folders and Files Only"
- Delete
- Write Attributes
- Set to "Sub-folders only"
- Create Files / Write Data
- Create Folders / Append Data
Change the Creater/Owner rights on Invoices (this will prevent owners of created files from changing things they shouldn't)
- Traverse Folder / Execute File
- List Folder / Read Data
- Read Attributes
- Read Extended Attributes
- Read Permissions
- Delete
Yes, this is complex, but it should do what you want.
: Waw! I'll test this monday and tell you the result. Thanks a lotFrom sysadmin1138
0 comments:
Post a Comment