![]() In our company we made both the security and the sharing rights the same since no body has access to remote into the file server but the admins.Īs for owner, we made administrator the owner of all folder/file shares so that other users could not change file security settings. from what i can tell, security is user access rights for users logged in locally to the server where as sharing are rights accessed from a remote computer (fileshare) There are 2 sets of security rights in server 2008. We've struggled with this as well so i might not be exactly right on all of this. ![]() ![]() Then, on the folder that you wish to allow users to add/delete folders and file, set it to Modify for that user group for "Sub Folders and files." That way they can't delete (or rename) the containing folder. If you're trying to avoid users deleting folder higher up the tree, simply set the user group object to read-only on those folders. I would never allow users full access - that allows them to set permissions on the object. They are by no means required, typically, for a shared folder - though you may have troubles if you remove them later on with certain services. because I have been able to do this in the past.Īllowing Modify access should allow users to create folders.The System and Creator users show up by default typically to allow system services and the creator of the folder access to it. I think it has something to do with the file permissions. Is it all right to allow a user full access to a folder, subfolders and files, but deny them the right to delete the parent folder? I can't seem to master the trick. What is the purpose of the "SYSTEM", and "CREATOR" users? Are they needed? I can't seem to allow any user to create any files or folders on my network drive, even though they have write access.
0 Comments
Leave a Reply. |