THE INFORMATION IN THIS ARTICLE APPLIES TO:
SYMPTOM
In the Web Transfer Client, Active Directory users who do not have permissions to delete or move files, are able to delete or move files.
RESOLUTION/WORKAROUND
Ensure that the child folders and files in EFT's \InetPub\ (C:\InetPub\) directory have the correct permissions. Applying the proper NTFS permissions to this directory will ensure that users cannot circumvent permissions via a debug tool within the browser.
To remedy this with already existing files and folders, it is important to select the checkbox Replace all child object permissions entries with inheritable permission entries from this object to ensure that all child folders and files also get the permissions change.
- In Windows File Explorer, right-click the EFT user home folders directory (for example, C:\InetPub\), then click Properties.
- In the Properties dialog box, click the Security tab, then click Advanced. The Advanced Security Settings dialog box appears.
- On the Permissions tab, click Change permissions. The dialog box will refresh.
- At the bottom of this tab, select the Replace all child object permissions entries with inheritable permission entries from this object checkbox. This will ensure that child objects will inherit the permissions of the selected object.
See also in your version of EFT, "Installing EFT > After You Are Done > Windows Account for the EFT Server Service > Set Windows NT Permissions for EFT" for more about NT permissions and EFT.