I have been having some issues getting file permissions worked out to act the way that I need them to. We are using AD to control the permissions.
Folder structure:
Share
-Common
--Pictures
---Date1
---Date2
---Date3
---Date4
-Documents
We have a bunch of users which need access to the pictures folder, and each date within that folder, they need write access to that folder, but MUST NOT have the ability to rename or move that date1-4 folders.
I created a group for the pictures folder, I added users to that group as members, and then I added that group to the permissions of pictures, with write permission.
Share has Authenticated Users (Traverse Folder, List Folder, Read Attributes, Read Permissions) This folder, subfolder and files.
Common has Authenticated Users (Inherited)
Photos has no inheritance and Photos_group (Traverse Folder, List Folder, Read Attributes, Read Extended Attributes, Read Permissions) This folder, subfolder and files.
Date1 has no inheritance and Photos_group (Traverse Folder, List Folder, Read Attributes, Read Extended Attributes, Create Files, Create Folders, Write Attributes, Write Extended Attributes, Delete, Read Permissions) Subfolders and files.
However, though this stops users from renaming the folder Date1 or moving that folder, it also stops them from editing files within Date1, or moving folders within that folder.
I have tried a bunch of similar permissions, but always end up with either the ability to edit the documents within the date folders, and the ability to move the date folders, or neither.
I am looking for the correct permissions that will allow users to Modify files and folders within the date folders, but NOT to move/rename/delete the Folders that are within the Photos folder (which includes the Date folders)
Any help would awesome, thanks.