O(V)eGA_l2el) Posted October 16, 2006 Posted October 16, 2006 Here is my scenario (All WinXP workstations in domain environment): User(1) would like him/herself, as well as User(2), to have access to a subdirectory and full control over the contents. (file creation, modification, deletion, etc) No other user must gain access to said subdirectory. Now, the parent directory has Users (1-4) under "Security" tab -> "Group or User Names" with at least read, execute, & list permissions. How can I deny access to the subdirectory for Users 3 & 4? Is it possible for all users to retain access to the parent directory & certain users denied access to subdirectory? Note: I have experiemented with "Special Permissions" under ""Security" tab -> "Advanced (for domain\Users)," but this did not fulfill what I am looking for. Share this post Link to post Share on other sites More sharing options...
MindDrive Posted October 17, 2006 Posted October 17, 2006 (edited) the same way you "give" permissions for any user, you also take away those permissions to any other user by unchecking the boxes ie: read, write, browse, execute that is if you are using and implementing the IIS snap-in OR you could just "hide" said folders and dont make any mention of them to anyone other than who you want to know they are there and then just manually type in the location of said documents in the address bar.... Edited October 17, 2006 by MindDrive Share this post Link to post Share on other sites More sharing options...
markiemrboo Posted October 17, 2006 Posted October 17, 2006 I think what you want to do is... under "Advanced" uncheck the inherit option (the one that should already be checked. Deny "Everyone", add User 1 & User 2 and allow them. Share this post Link to post Share on other sites More sharing options...
ClayMeow Posted October 17, 2006 Posted October 17, 2006 I think what you want to do is... under "Advanced" uncheck the inherit option (the one that should already be checked. Deny "Everyone", add User 1 & User 2 and allow them. You're partially right...until you said to check off the "deny everyone" box. You never want to do that. Take off the inherit option. Then remove every user/group and just add User 1 and User 2, and give them whatever access you want them to have. That's it. Do not even add the "Everyone" group to that folder. Just the two users, and that's it. I do this all the time at work (network administrator). They will see the folder there, but when they try to open it, they'll get an error message saying they don't have permission to view it. Making the folder hidden without implementing security permissions is absolutely pointless. Most users will have "view hidden folders and files" enabled. EDIT: BTW, if you're the administrator, you don't have to worry about adding yourself and giving you permission the folder unless you need access to the files inside. As administrator, if you don't have access to a folder, you can always go and change the "owner" and change permissions if needed. Share this post Link to post Share on other sites More sharing options...
markiemrboo Posted October 17, 2006 Posted October 17, 2006 I was thinking along the lines of Apache (i'm sure there's others, but that's the first thing that comes to mind), which denies all and then allows whatever. Obviously not the case here then Share this post Link to post Share on other sites More sharing options...
O(V)eGA_l2el) Posted October 18, 2006 Posted October 18, 2006 Thanks, that worked perfectly. Share this post Link to post Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now