NTFS Permissions 'best practice' advice needed - Windows NT

This is a discussion on NTFS Permissions 'best practice' advice needed - Windows NT ; I have been trying for some time to set the permissions on an Windows 2000 NTFS drive for some time now but half the time I do what seems to be the correct thing I get unexpected results. In the ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: NTFS Permissions 'best practice' advice needed

  1. NTFS Permissions 'best practice' advice needed

    I have been trying for some time to set the permissions on an Windows
    2000 NTFS drive for some time now but half the time I do what seems to
    be the correct thing I get unexpected results. In the end I have not
    been able to come up with a wining combination so I thought I would put
    it out to all of you kind folks.

    I have a "clients" folder with about 100 clients each folder
    bearing the clients name. In each of the individual clients folders I
    have 9 standard folders common to all. I want to lock down the
    "Clients" folder, all of the individual clients folders and the 9
    standard subfolders so that no user can move, delete or rename. Also in
    the "Clients" folder I don't want them to be able to create any
    new folders. But in the individual clients folders I want them to be
    able to create files and folders as well as being able to do this below
    the standard 9 folders.

    I've had many false starts and learned things like "You have to log
    out and back in to realize membership changes" but I'm getting the
    hang of some of it. The biggest problem I see is that normally the
    filer permissions like to trickle down with inheritance. But in my case
    it seems I need to restrict, then open the privileges back up at a
    lower level. Does this mean I'm going to have to manually set
    permissions on 900+ folders? Seems kind of dumb. And if I create a new
    file in the clients subfolder won't it inherent the restrictive
    permissions? So if any of you could give me some suggestions I would
    greatly appreciate it.


  2. Re: NTFS Permissions 'best practice' advice needed

    One more thing. I was able to figure out that I could set the
    permissions at the client's folder and set it to apply to all
    subfolders and files and not the folder itself but the normal user can
    still hit the delete button causing all the content to be deleted but
    not the folder itself. Grrr... So how can I protect the folder's
    content from being deleted at the folder level and still allow people
    to delete files underneath when in the folder?


+ Reply to Thread