NTFS Permission allow write - not delete with MS Office files

Jack Chuong 841 Reputation points
2020-12-12T03:11:07.737+00:00

Hi all, My environment : File server Windows server 2012 Standard , in domain system . I want to share a folder "test" and grant permission to domain userA (and also other userB , userC ...) can read/write but not delete all sub files and folders (Yes, userA can create new file/folder , can edit file content , but cannot delete/rename other's file/folder, but userA can rename/delete his owner file/folder because he has "creator owner permission ?"). The structure of the directory (already created) is assumed as follows: |test --|file1 --|folderA ------|file2 I read some documents , summary, they said

  • When share and NTFS permissions are used simultaneously, the most restrictive permission always wins
  • Uncheck Delete permission
  • Uncheck Delete Subfolders and Files permission Some pictures: 47571-1.png 47530-2.pngIt works with TXT files , but not with EXCEL or DOC files, when userA try to edit and save some excel/doc files, he gets error : "Access Denied Contact Your Administrator". I guess because Excel and Word program need to create some temp files and then cannot delete them ? How can I fix it ? Please give me some advice thank you very much.
Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,183 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,357 questions
No comments
{count} votes

Accepted answer
  1. Vadims Podāns 8,391 Reputation points MVP
    2020-12-12T21:19:56.613+00:00

    Unfortunately, it is a known issue with MS Office files. They create temporary files where they store state between save operations and then they merge them to a new file and delete all previous versions of document. Here is a KB article that explains how temporary files work in MS Office: https://support.microsoft.com/en-us/help/211632/description-of-how-word-creates-temporary-files

    Unfortunately, there is no way to redirect these temporary files anywhere else, because the path is hardcoded, i.e. in same folder as original document. This means that you have to allow Delete permissions on parent folder for MS Office files purposes. You are stuck with this.

    1 person found this answer helpful.
    No comments

2 additional answers

Sort by: Most helpful
  1. Vicky Wang 2,591 Reputation points
    2020-12-14T07:52:02.117+00:00

    Hi,

    I am glad to hear that your issue was successfully resolved\I am pleased to know that the information is helpful to you. If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,
    Vicky

  2. Sebastian Pacheco 86 Reputation points
    2023-02-18T01:12:29.34+00:00

    a new disappointment for MS products. This apparently only happens with office since with openoffice it works very well.

    MS gives you the option to play with the privileges, but at the same time it cuts your hands with the most used documents by everyone.