Only the creator has the right to delete
Youyo_35
-
Youyo_35 Posted messages 14 Status Member -
Youyo_35 Posted messages 14 Status Member -
Hello,
I'm looking for a way to ensure that only the owner of a file in a shared folder has the right to delete it.
This way, other users can read the file but cannot delete it...
For your information, I am using Windows Server 2016, with AD.
Best regards,
YL
I'm looking for a way to ensure that only the owner of a file in a shared folder has the right to delete it.
This way, other users can read the file but cannot delete it...
For your information, I am using Windows Server 2016, with AD.
Best regards,
YL
3 answers
-
Hello,
from memory (I don’t have a server available), go to the advanced security options.
You choose your user or group, you allow modification, and you check deny on the delete option.
See you later!-
Hello,
Thank you for your help, but this does not solve my problem.
With your method, my users can indeed create and modify files in the shared folder, but no user can delete the file (except for the admin), not even its creator.
For example, let's say my folder is called "DocPart," and I have a local user domain "dl_util." "Util1," "Util2," "Util3,"...etc are part of "dl_util."
"Util1" creates a text file "Text1" in "DocPart," and "Util2" creates "Text2":
- "Util3" can read the files, but cannot modify any.
- "Util2" can read all of them, but can only modify "Text2."
- "Util1" is the same, but it's "Text1."
There you go, I can't be clearer!
Thank you in advance
Talk soon
-
-
Hi,
- Right-click / Properties on the file
- Security tab.
- Set everyone to read
- and only the user to modify.
See: https://www.malekal.com/les-autorisations-et-la-gestion-de-fichiers-et-partagessous-windows-avec-le-systeme-de-fichiers-ntfs-2/
--
Please press a key to continue the disinfection...-
Hello,
Thank you for your reply as well, but this does not solve my problem either.
I am providing more details above...- Well, it doesn't change anything, you need to play with the NTFS permissions (security tab)
- Put the right folders with the users in the highest directory.
- You need to remove the inheritance from the parent.
- You create the appropriate accesses
- with users without modification
- and for the user who needs it, you set the permissions to modify.
- And you propagate all that to the children.
- When the user creates the file, they will inherit from the parent, thus with the permissions you set.
If there are too many users, you create user groups.
-
Hello,
without having ever tested it, see if you can do it with this:
https://blog.varonis.fr/aduc/
(to install it --> https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_install_ad_tools.html#install_ad_tools_win2016)
A+