2 Q's RE: NTFS modify & write perms.

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi guys,

Ok this has been bugging me for a while. I am talking NTFS security perms here (not sharing perms).

1) is there any difference between Allow - Modify and Allow - Write?

in other words,

does Allow - Modify only let you modify existing files but does not let you create new files?

and does Allow - Write only let you create new files & write to these new files but not let you modify existing files?

if this is not the case, and Allow - Modify & Allow - Write both let you create new files and modify existing files, then why have MS created these as two "seperate" permissions.

its kind of confusing.

ok 2nd Q)

-lets say we share c:\docs as "docs" and we only want users to be able to modify thier OWN files.

so we assign Allow - Modify on c:\docs for, say the "accountants" group..... but this would mean each user in the accountants group can modify any file within that folder.....

how would I go about locking this down, so users can only modify their OWN files?

many thanks for any assistance.

--mj

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Firstly i believe you are correct, Modify lets you change existing files, write allows you to create new files in the area.

Secondly, you could apply write permissions to the creator/owner - since they created the file that would be them

Edit: Just to update on that, in the security tab, click add, and type creator then hit ok. you will get two options, creator group and creator owner. The option you are looking for is creator owner. you can then apply the necessary rights. but this way you would need to apply it to each file individually,

you should also be able to go into the advanced section, hit add and select the creator owner group, then in the dropdown for permissions select 'Subfolders and Files only', tick the boxes for the appropriate permission (full control perhaps? or maybe just modify). this would apply to the folders (not selecting 'this folder' should, i believe prevent them from doing anything to the folder itself but i couldnt say for sure). Play around with these settings to get the desired effect, i normally just apply group level permissions, so im not entirely sure about this level of the permission application

 

ok thanks alot for that ;)