5

I have a group that ALL employees are assigned to. I have the CREATOR user set the same way. They have all the RW permissions but no delete.

Everything works as expected, however, Office related products can't save. They throw a permission error. My theory is Office tries to delete the file then rename/copy its temp/current saved file to be the new file.

Anyone have a work around on this or a link?

This is Office 2016. I read someone had this issue back in Office 2013 and I tried applying a fix but that did not do it.

Also, I tried running Office with a user who had a delete permissions, and had no problems.

Idea I had: https://superuser.com/questions/1252321/running-an-application-always-as-another-user-not-short-cut-based

I say Reinstate Monica
  • 3,100
  • 7
  • 23
  • 51
Jason
  • 3,821
  • 17
  • 65
  • 106
  • 1
    What version of office ? as I doubth it's the autorecover's option that block you, but I can't give an answer for all office version. Thanks – yagmoth555 Sep 21 '17 at 01:20
  • Office 2016.... – Jason Sep 21 '17 at 01:29
  • 1
    AFAIK and IIRC Office applications create a temporary file when a user opens a file, the Office application uses that temp file as the "working session", then when the user saves the file the Office application deletes the original and replaces it with the temp file, so delete permissions are needed. – joeqwerty Sep 21 '17 at 01:35
  • 1
    Do a try with Excel in example, set that registry into one client to force a location where the client can delete; Key: HKEY_CURRENT_USER\Software\Policies\Microsoft\office\16.0\excel\options Value name: AutoRecoverPath Value type: REG_EXPANG_SZ – yagmoth555 Sep 21 '17 at 01:35
  • No success on that. https://imgur.com/a/g2SNw – Jason Sep 21 '17 at 01:50
  • 1
    This sheds some light on my comment. I don't have any reason to believe that anything has changed in regards to the NTFS permissions required to save files or the behavior of Office apps. - https://support.microsoft.com/en-us/help/277867/windows-ntfs-permissions-are-required-when-you-run-word-on-any-ntfs-pa and this - https://support.microsoft.com/en-us/help/211632/description-of-how-word-creates-temporary-files – joeqwerty Sep 21 '17 at 02:04

1 Answers1

6

This happens because of how Office documents are opened for editing.

When you open an Office document, the application creates a hidden temporary file in the same folder. As you work in the document, your modifications are written to this file (as an aside, this is how it's possible for Auto Save to work).

When you Save the document, the original document is deleted, then the temp file is renamed to that of the original. Because your users don't have permission to delete files, the operation fails.

Here's an overview of the process as detailed in this Microsoft Word support article:

Create temp file                     Create ~wrdxxxx.tmp
Write temp file                      Save example data to ~wrdxxxx.tmp
Delete original file                 Delete EXAMPLE.DOC
Move temp to target name             Move ~wrdxxxx.tmp to Example.doc

According to the same article:

Word gains significant performance speed by placing the temporary file in the same directory as the saved file.....The location where Word creates the temporary files is hardcoded information and cannot be edited. Therefore, it is important that NTFS permissions for the user are set accordingly.

This is the same for across all Office desktop applications that save documents, i.e. Word, Excel, PowerPoint, and Publisher. A complete list of NTFS permission required for Word (specifically) can be found here. NTFS Delete is one of them.

I say Reinstate Monica
  • 3,100
  • 7
  • 23
  • 51