Re: folder permissions

cant from work sorry, email me at kim6tom@xxxxxxxxx and I will tell you what
I want and how I wish to set it up etc. I can be more detailed in an email.
--
Thanks,,
Kim


"SBS Rocker" wrote:

I'm getting a bit confused here now as to what exactly you're trying to do
and how the folder structure you require needs to be configured. Can you
call me at 408-330-9400 ext119. I assume this will be much easier.
Allen

"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A5209651-9187-4674-9E2B-00641368D343@xxxxxxxxxxxxxxxx
ok let me see if I have this straight.

Users have a script attached to their profile in AD to launch a shared
directory (A) that gives them full access to store shared info. On the
same
server, I will have this other folder (B) I am trying to restrict
permissions
on, all same users. So theoretically - if I create or modify my logon.bat
to
include BOTH folders, they wil both launch or appear in my computer on the
users machine, but the read only folder (B) will over ride Folder A's full
access privledges?
--
Thanks,,
Kim


"SBS Rocker" wrote:

No. Here is how Shares and NTFS permissions work. With "Shares"
permissions
it will invoke the most restrictive access (or least permissive as some
may
say) and "superceed" any NTFS permissions. Example: If the Share security
on
a folder has Everyone = READ then it does matter if you give a user FULL
NTFS permissions on a folder. The user will have READ only access on the
folder. Which is why by default and industry best practices when setting
up
a Share folder the default is to give Everyone = FULL. With NTFS
permissions
it is just the opposite. The user will have the most permissive
permissions.
Example. A user belongs to 2 groups. Group A has Read permissions and
Group
B has Modify. The user will have the most permissive access which is
Modify.

"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4140221A-03D0-48FA-823D-099A620AAA96@xxxxxxxxxxxxxxxx
I think I am getting somewhere with it all. Just have a question tho,
when
you select deny on options I get a message about a user if being a part
of
2
groups and something about deny over rides allow. Does this mean that
if
I
have a user that belongs to multiple groups, that the deny will over
ride
all
other provledges for any other folder? Or does this mean if I have
several
groups assigned to this one folder and the same user has diff priv's
assigned, then the deny will over ride the allow on that one folder
only?
(I
hope this makes sense.I am trying to find multiple answers for weird
little
isses.........)
--
Thanks,,
Kim


"SBS Rocker" wrote:

How's this coming along?

"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:55331D81-6A05-4528-B7A1-AFB74F30E5C6@xxxxxxxxxxxxxxxx
Her eis the set up.

RIght click on the folder - sharing and security - (sharing tab) -
permissions, everyone has full control.
Security tab, I added my security group, select everything BUT Full
control,
select advanced button, highlight my group and select edit,
everything
checked except, full control, both deletes, take owenership and
change
permissions, select ok or apply, back at the groups screen I hvae an
additional entry for my group that says MODIFY, the permissions for
that
are
everything except Full control, delete subfolders adn files, change
or
take
owenership.

I have 2 entries for my sec group, one at modify and one at read,
write.
I
have tried deleteing all groups and starting over many times. I
have
not
gotten the right combination of settings to be able to save but not
delete
mor move any files, folders.

Thanks,
--
Thanks,,
Kim


"SBS Rocker" wrote:

10-4

"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:30F5B794-64BA-42A6-A136-47CA544EEA92@xxxxxxxxxxxxxxxx
Look for a post tomorrow mornig, I will go thru step by step so
that
you
can
understnad hwat I did and how I did it. You might be right that
I
overlooked
a step someplace, so lets regroup tomorrow?
--
Thanks,,
Kim


"SBS Rocker" wrote:

I think you are not doing it correctly or I am misunderstanding.
You
go
to
the folders NTFS permissions. There you add your group and grant
them
Modify. Click on advance and select the group then click on
Edit.
there
you
deny the permissions that were applied on the previous window.


"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C4C76586-139C-4F8B-A0C1-75DB230C6686@xxxxxxxxxxxxxxxx
in the ntfs permissions the group already had modify adn then
there
is
an
entry under that with read, write and execute. BOth entried
have
denied
permissions for delete etc. Still not working
right..................(sigh)
--
Thanks,,
Kim


"SBS Rocker" wrote:

Give the group modify then go to advance and edit the
permissions
there
using "deny" option.

"Kim K" <KimK@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A853888E-4C42-45BF-8841-21D27B1D86D7@xxxxxxxxxxxxxxxx
I can not figure this out and can not fond anyone who can
answer
so
here
I
am
asking for some help.

I have a folder on my server that will contain information
scanned
and
saved
- the original documents will then be shredded. I have a
security
group
that
will have access to this folder. I want them to be able to
save
the
documents to the folder but not to move or delete them.

I set up the folder permissions for everyone to have full
control
under
sharing and security, under security I have added my group
and
set
them
as
follows: everything except full control, under the advanced
I
edited
this
group to not allow delete, move or take owenership etc. By
playing
with
these settings I can either get them to save (and
consequently
delete)
or
not
delete (and consequently not save). I can not get the
correct
settings
for
save but no delete.

Can this be done and can someone tell me the precise steps
I
need
to
do
this?

Thanks in advance.
--
Thanks,,
Kim


















.