On a WD MyCloud nas I have a share called Multimedia. The nas is joined to my domain.
What I want:
Domain Users to be able to create/write and delete their own subfolders in the Multimedia share.
What I don't want:
Domain Users to be able to delete existing files in the Multimedia folder if they're not the owner of these files/sub-folders.
The problem:
I cannot set the Multimedia folder so that Domain Users cannot delete files/folders that they're not the owner of. Everytime I try to force Domain Users with Read, Write access (but not delete) and Apply the changes the permissions changes to Domain Users - Full Control.
I tried to make the Multimedia share in the nas gui Full Access or Read-only but it doesn't make a difference. Domain Users can still delete existing files that they're not the owner of in Multimedia.
NOTE: In the nas I can set the Multimedia share as Full Access, Read-Only or No Access to Domain Users. I have tried both Full and Read-Only access but I keep having the same problem.
I should be able to set this share using ntfs permissions where Domain Users can Read and Write in the Multimedia folder but not delete files/folders that aren't theirs.
What I've tried that should work:
I have set the Multimedia folder with CREATOR OWNER Full Control. Domain Users with Read and Write only to the folder (but not subfolders). But as soon as I try to set Domain Users to Read and Write in this folder and click Apply it changes to Domain Users - Full Control.
I tried creating a 2nd permission for Domain Users where they can Read/Write in Multimedia subfolders and its files which works fine (they can delete their own files), but the problem remains that in Multimedia I have files and other folders that they're not the owner of and they can still delete them since the Multimedia folder always has Domain Users - Full Control to this Folder.
I don't think I'm doing anything wrong but I'm open to any help or suggestions.
UPDATE: I forgot to mention that I've googled this and all the docs say to give CREATOR OWNER Full Control, the share Full Access to the user/group and set the subfolders to the permission you want. This is fine for making sure that subfolders and files cannot be deleted unless the user/group is owner, BUT, none of them have the problem I have where the user/group gets Full Control on the parent folder regardless of what custom rights you give it.
