Ladies and Gentlemen, It might be a silly question but is there anyway
for a user to be able to open a file (read access) but not write to it
or copy it to a different location (i.e. his local desktop)? Now I
know what your thinking "if they can open it cant they do a 'save as'?
Well lets say that we could "tweak" the app so it would not show this
feature, can you deny the user from copying to another location
through Explorer? I'm sure this is confusing many, if you need any
further details please don't hesitate to ask.
I need to have a drive mapped so an application can set it as it's
"working" directory.....what will then happen is depending on what
credentials are used to long into the app. the user will have the
appropriate rights to see or not see things depending on what the
administrator has previously determined....the problem is that since
the drive is mapped the user can open my computer, open the mapped
drive , copy the files locally, burn them on a CD and open them at
home with out any specific security settings tied into his username
and password since the app is not in a "domain"/admin-client mode.
Essentially the user will be able to see the whole file with read
I guess what I could try to do is hide the "mapped drive" in explorer
but if the user was savvy enough (i.e. \\server\data1) or by chance
went to the root of the server he could still see things.
I hope this is a better explanation, your help is very much
PS I played around with the advanced security settings in W2KS but
couldn't get what I needed? Third party tool maybe, or is it just not