I have a client who is running SBS 2008 and Windows XP Pro. On the Windows XP computers is running Office 2007. I am trying to stop people deleteing files but want to allow creation and modification. If I stop modify in the server 2008 SBS people are unable to save word or excel documents as it says access denied. I am asuming excel and word needs modify to create a tmp file when saving. if this is the case please can anyone tell me a way round this.
jcomputing
0
Newbie Poster
Recommended Answers
Jump to PostWhat I would recommend is that on this file share, you set up individual shares for each employee. Then you can provide modify access to each indvidual for their own directory. This way, users will not delete, or modify each other's files.
Jump to PostI think the editing should not take on share but should be copied to share after editing is finished, then there is not temp file in share. Each user could have own subfolder as mentioned allready.
All 5 Replies
JorgeM
958
Problem Solver
Team Colleague
Featured Poster
What I would recommend is that on this file share, you set up individual shares for each employee. Then you can provide modify access to each indvidual for their own directory. This way, users will not delete, or modify each other's files.
jcomputing
0
Newbie Poster
All users use the same folder as one share. Is there no way of setting up the permissions to stop delete but allow creation and modifcation without problems in saving. Is this a known issue with off 2007 do you know.
TrustyTony
888
pyMod
Team Colleague
Featured Poster
I think the editing should not take on share but should be copied to share after editing is finished, then there is not temp file in share. Each user could have own subfolder as mentioned allready.
jcomputing
0
Newbie Poster
Is this a known problem with office 2007? Creating individual folders would not help as everyone needs access to this specific folder. Just need to stop file and folder deletion and its only office documents that are an issue. On other versions of office this has never been an issue on server 2003. A think copying files to the local computer to save them then copy them back to the server again would cause user complications and problems.
SudoWin
0
Newbie Poster
Hi,
So this is how I would approach the issue.
On the folder that you are sharing go into the permissions tab.
Untick the include inheritable permissions check box.
Click copy or add depending on server os version to the messagebox that pops up, this will copy the current permissions to the folder.
Next I would set up (assuming you have a active directory) 3 security groups.
1 group is for read
1 group is for write
1 group is for modify
Add users you only want to be able to read documents in the file to the read group.
Add users you want to be able to create documents and edit them to the write group
Then add users who you want to be able to delete documents to the modify group.
This will allow the users above to have the permissions as stated.
You then add these groups to the folder being shared with the permissions for each group.
Once you have done this you should tick the button replace all child object permissions ..... To push this change down to all the files below.
This should create the solution you would like.
You can take this one step further. If you have a user who is in the write group and they create a new document then decide it is not needed they could not delete it. To get round this you can give the Creator OWNER group modify permissions. This would then allow the creator of a document to delete it even if they are not in the modify group.
Hope this helps.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.