windowssecurityetldirectorywindows-administration

Windows Folder Permissions, Copy into but Cannot Read


Sometimes when running ETL packages on flat files, I receive error: "The process cannot access the file because it is being used by another process".

Another person already has file opened.

Is there a Windows Security Folder permission where person can only copy/move files into folder, but cannot read files in the folder. We are trying to create a staging folder.

This will avoid the "file is already open errors", so ETL can be processed?

Thanks,


Solution

  • From eryksun:

    Question/Answer should be moved to superuser

    From the command line, you can run icacls "folder name" /deny *S-1-1-0:(OI)(IO)(RD,WD,AD).

    "S-1-1-0" is the security identifier of "Everyone".

    "OI" (object inherit) means this entry is inherited by files (but subfolders merely propagate the entry; it doesn't apply to the folders themselves; just their files).

    "IO" (inherit only) means the entry does not apply to this folder; it's only for inheritance. And the reaming three are read data, write data, and append data.

    (1) In the GUI: which ones would I exclude? List Read Permissions, Change Permissions, Seems like Create Files is coupled with Write Data?

    enter image description here