Preventing Folders from being Deleted/Moved on a Share

file-sharingwindows-server-2003

Situation: Windows Server 2003 – Users all have a mapped network drive to a common "Shared Files" file share…

File Share
- Level 1 ("Projects" folder)
  - Level 2 (Files in the project folder)

Users have been accidentally moving Level 1 folders into other Level 2 folders. What's the magic combination of permissions to achieve the following:

Users should be able to CREATE folders at Level 1.
Users should have full control (create/modify/delete) at Level 2.
Users should not be able to RENAME, DELETE, or MOVE folders at Level 1.

Edit: The trick here is that after a user creates a folder at level 2, they should automatically have full control at that level; any way to use "this level only' at Level 1 and achieve this?

Best Answer

To be able to create level one files, users need to have the Create permission for the file share folder. To prevent them from modifying level 1 folders, they need to be denied the modify permission on the file share folder. User should then be given full control of the level 1 folder to allow them to create, edit and delete level 2 folders.

Hope that makes sense!

Best Answer

Related Solutions

How to restrict users moving folders

Windows – Minimum permissions needed to create a user Home Folder in Windows Active Directory

Related Topic