I have a problem with a NetApp file server with Windows XP clients.
The files are on a single SAN drive. The users regularly move files from \\storage\share to their personal folder at e.g. \\storage\myfolder. This is fine so far, but it becomes a problem when they move files from \\storage\share to \\storage\secretCompany and add some secret information to the file. The permissions for the file are still the same as they were in share, hence everyone with the permissions to share can now see this file in secretCompany.
Is there any way to prevent Windows from copying permissions and just always use the target permissions?
From Microsoft..
You can modify how Windows Explorer handles permissions when objects are moved in the same NTFS volume. As mentioned, when an object is moved within the same volume, the object preserves its permissions by default. However, if you want to modify this behavior so that the object inherits the permissions from the parent folder, modify the registry as follows:
Click Start, click Run, type regedit, and then press ENTER.
Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
On the Edit menu, click Add Value, and then add the following registry value:
Value name: MoveSecurityAttributes
Data type: DWORD
Value data: 0
Exit Registry Editor.
Make sure that the user account that is used to move the object has the Change Permissions permission set. If the permission is not set, grant the Change Permissions permission to the user account.