Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Prevent user from deleting folder from desktop

Status
Not open for further replies.
dalchri

dalchri

Programmer
Apr 19, 2002
608
US
I would like to prevent my users from deleting a folder from their desktop. We have a copier/scanner that can scan documents directly to a folder on their desktop. If they delete this folder, this means they can't scan anymore.

I tried to do this using advanced permissions. First I copied the inherited permissions. Next I removed the user from the list of permissions. Then I added the Domain Users group of which this user as well as all users on the network are a member of. I then set the "Delete", "Change Permissions", and "Take Ownership" permissions to deny. I also made sure that the user is not the owner of the folder.

When I check the effective permissions for this user, they are set to deny "Delete", "Change Permissions", and "Take Ownership" just as I have set them. Also, the user is not allowed to change permissions.

However, when I log in as the user, I am still able to delete the folder from the desktop. The interesting thing is that if I also set "Delete subfolders and files" to deny, the user is not allowed to do that.

The only other users listed under the folder permissions are Administrators of which the user is not a member and SYSTEM. The user is a member of Power Users but power users is not listed under the permissions for the folder.

Is there something "special" about folders on the desktop that I am missing?

Thank you for any suggestions!
 
Sort by date Sort by votes
Set the Advanced folder property to "This Folder" and specify the Deny Delete. Also make sure it is not inherriting permissions still.

Another solution is to move the folder off of the desktop and just put a shortcut on the desktop. Use a login script to recreate the shortcut if it is missing.

I hope you find this post helpful.

Regards,

Mark
 
Upvote 0 Downvote
The problem that I found was that the parent folder i.e. the desktop folder still had the permission "Delete Subfolders and Files" set to allow.

Even though the documentation says that a deny permission always overrides an allow permission, it appears that an allow permission for "Delete Subfolders and Files" on a parent folder will override a deny permission for "Delete" on a child folder.
 
Upvote 0 Downvote
If the users are not Admin or powere users on the Pc create the folder in
C:\documents and settings\All Users\desktop\

By default XP will not allow users to delete items within the All users\destop folder

Then you should be able to give them permission to add into the folder.
Haven't tested but should work
GL

When frustrated remember, in the computer world there is almost always a backdoor.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dik
  • Locked
  • Question
Deleting a file 1
Replies
13
Views
620
dik
dik
VicM
  • Locked
  • Question
Change name not showing in user account 1
Replies
13
Views
1K
guitarzan
guitarzan
dik
  • Locked
  • Question
Change Icon Image on Desktop
Replies
5
Views
913
JimSmith02
JimSmith02
TrekBiker
  • Locked
  • Question
Version 23H2 preventing full shut down
Replies
5
Views
966
pjw001
pjw001
Flinx
  • Locked
  • Question
very slow transfers from windows 10 to NAS
Replies
9
Views
679
Flinx
Flinx

Part and Inventory Search

Sponsor

Back
Top