# Folder Sharing & Security Windows 2003



## powlaz (Feb 12, 2007)

I'm really stumped. I have a folder that has security set so everyone can read the files but can't save anything to the folder. 

If I move a file from this folder to another folder where someone can read or write to the folder shouldn't the file pick up the security settings of the new folder?

I don't find that it is and I have to go in and manually set the new permissions for that file. I can't keep doing that because the next move includes over 65,000 folders. What am I missing? What should I be looking at?

Thanks for the help.

PO


----------



## phubeone (Aug 23, 2005)

I had a similar issue. Let's say in your case:

-You have 65000 folders you want to move to d:\data\new
-Everyone has access to d:\data\new
-Move the folders over to d:\data\new
-Browse to d:\data
-Right click on "new" go to sharing and security
-Go to the Security Tab
-Click on the Advanced Button
-Check the second option to propagate all the current security settings to its child objects


----------



## bala_sen (Aug 31, 2007)

Hi
Normally the NTFS file permission rely on the Deny permission than the granted permission. Make sure, that user account is been added to the ACL of the files/folders. Instead of granting permission to Everyone group, its always better to grant permission to particular user.

Make sure the folders that were moved and edited are not compressed. Because compression will affect the permission given to the siles/folders.
for ur reference.....
Moving a file or folder to another folder on the same NTFS volume results in the file or folder retaining its permissions, regardless of the permissions configured on the target folder.
Moving a file or folder to a different NTFS volume results in the file or folder assuming the permissions of the target folder.
Moving a file or folder from a FAT volume to an NTFS volume results in the file or folder assuming the permissions of the target folder.
Moving a file or folder from an NTFS volume to a FAT volume results in all NTFS-specific properties (including permissions) being lost.
Copying a file to another folder on the same NTFS volume results in the file assuming the permissions of the target folder.
Copying a file or folder to a different NTFS volume results in the file or folder assuming the permissions of the target folder.
Copying a file or folder from a FAT volume to an NTFS volume results in the file or folder assuming the permissions of the target folder.
Copying a file or folder from an NTFS volume to a FAT volume results in all NTFS-specific properties being lost

for compression .......

Moving an uncompressed file or folder to another folder on the same NTFS volume results in the file or folder remaining uncompressed, regardless of the compression state of the target folder.
Moving an uncompressed file or folder to another folder on a different NTFS volume results in the file or folder inheriting the compression state of the target folder.
Moving a compressed file or folder to another folder on the same NTFS volume results in the file or folder remaining compressed after the move, regardless of the compression state of the target folder.
Moving a compressed file or folder to another folder on a different NTFS volume results in the file or folder inheriting the compression state of the target folder.
Copying a file to a folder causes the file to take on the compression state of the target folder, whether on the same or a different volume.
Overwriting a file of the same name causes the copied file to take on the compression state of the target file, regardless of the compression state of the target folder.
Copying a file from a FAT folder to an NTFS folder results in the file taking on the compression state of the target folder.
Copying a file from an NTFS folder to a FAT folder results in all NTFS permissions being lost.
Identifying Compressed Objects


----------



## Cellus (Aug 31, 2006)

Just to put the cherry on top, the hierarchy for allows and denies are as follows (from top to bottom - top will always supersede anything below it):

*Explicit Deny
*Explicit Allow
*Inherited Deny
*Inherited Allow

Explicit permissions are those which are physically checked in a particular ACL (ie. the Allow and/or Deny checkboxes). Inherited permissions are those permissions which are inherited from the parent (if inherited permissions are enabled on the parent to its children). As you can see, permissions which are explicitly set will supersede applicable permissions inherited by the parent.

Keep this in mind while setting ACL permissions.


----------



## powlaz (Feb 12, 2007)

Guys - this is all great info. I'm not sure I'm ready to use it all yet but I didn't want to let too much more time pass without saying Thanks!

I believe part of what my problem has been is that I have been moving the files on my servers from my Windows XP workstation. I forget exactly what I saw on one of the Windows 2000 servers but it made me think that the full functionality of what should be a very simple process lies in making the moves from the servers themselves and not through the mapped drives on my workstation.

In the meantime I did need to make a couple of HUGE moves and found a utility in the Resource Kit called Robocopy. It's a robust program (not for the timid - so many options you'll go blind reading about them all) but this is because it can be used for so many different things. I also downloaded the Robocopy GUI 3.1 frontend for Robocopy. It didn't work out for me but all my command line scripts did.

I hope to use it for smaller moves too . . . and maybe backups. It can also be used to adjust ACLs and security permissions. I might wind up using it for everything - but not before I try your ideas. I'd like to do it the right way before I do it the work-around way.

Thanks again,

Po


----------

