NTFS permissions for deny delete.

[ironk]

Trying to set NTFS permissions on a folder on XP Pro so that the folder can't be deleted by accident. I would like it so that new files could still be copied or downloaded to the folder, but not deleted once they are in there. Tried to do it through the properties of the security tab, but for some reason whenever I download a new file to the folder, a popup comes up saying that the file already exits even though it doesn't. Not sure how to go from here...it would be great to have the permission for 'everyone', but just the user or admin would be sufficient.

 

[Bubbaleone]

Without knowing what user permissions you've set, and who has ownership, it's not possible to advise you. When you say; "Tried to do it through the properties of the security tab..." what exactly do you mean?

If you're the administrator, and you don't want the folder to be "accidentally" deleted, then you need to take ownership, give youself and System full control, and remove all permissions for any other users. That'll ensure that nobody but you can delete the folder.

 

[ironk]

Basically, I right clicked on the folder and went into the security tab like so:

Right click folder > (selected Administrator/user)> Advanced > (selected Administrator/user) > edit > (put a check in the Delete deny box) > OK

Not sure if thats the correct way to do it since there are many other boxes that can be checked at the bottom such as "Apply these permissions to objects and/or containers within this container only."

 

[Bubbaleone]

Basically, I right clicked on the folder and went into the security tab like so:

Right click folder > (selected Administrator/user)> Advanced > (selected Administrator/user) > edit > (put a check in the Delete deny box) > OK

Not sure if thats the correct way to do it since there are many other boxes that can be checked at the bottom such as "Apply these permissions to objects and/or containers within this container only."

Learning how to set advanced NTFS file permissions isn't a subject explained in one or two paragraphs. Once you've studied and practiced the procedures, so that you understand what you're doing, you'll find it an invaluable resource.

etutorials.org offers an excellent free course on all the procedures for setting advanced NTFS permissions:

Chapter 8 -- Securing Resources with NTFS Permissions



.

 

[KillerBee]

etutorials.org offers an excellent free course on all the procedures for setting advanced NTFS permissions:
Chapter 8 -- Securing Resources with NTFS Permissions
.

Well the questions are free ...but the chapt 8 answers will cost ya:sneaky:

 

[Bubbaleone]

Well the questions are free ...but the chapt 8 answers will cost ya:sneaky:

The three lessons in chapter 8 provide very clear, fully answered step-by-step instructions, practical exercises, and lesson summaries. It costs absolutely nothing to self-study, and learn from, any of this material. From the tone and content of your post, "studying" is probably foreign to you.

 

[KillerBee]

Are you sure you checked your answers?

hmm..still no response?
http://www.youtube.com/watch?v=NK5U3CbsMZ4

 

[ironk]

The three lessons in chapter 8 provide very clear, fully answered step-by-step instructions, practical exercises, and lesson summaries. It costs absolutely nothing to self-study, and learn from, any of this material. From the tone and content of your post, "studying" is probably foreign to you.

Thanks for the website, will look into it later.

 

[KillerBee]

...

 

[dawks]

One of the fun things I found playing with permissions was that if I wanted users to have the ability to modify files, but not delete, I needed to give them permission to "Delete", but not "Delete Subfolders and Files". I guess when you save/modify a file, some programs will actually 'delete' the file, and re-write it entirely as part of the save process.

 

[Nothinman]

One of the fun things I found playing with permissions was that if I wanted users to have the ability to modify files, but not delete, I needed to give them permission to "Delete", but not "Delete Subfolders and Files". I guess when you save/modify a file, some programs will actually 'delete' the file, and re-write it entirely as part of the save process.

Yes, a lot of apps do that because it's safer in the case of a system crash and simpler to code. Denying someone the ability to delete files they have write access to is mostly pointless because if they want the data gone they can open the file, delete everything and save the file again. The NTFS driver did it's job and didn't let them delete the file itself because doesn't know any better but the end result is mostly the same.