Windows Folder/File Permissions

I think the wording of the Windows NTFS folder and file permissions is throwing me off. I don't understand them a darn bit. So I'll try to explain what I'm trying to do and maybe you can help me. Let's say I have a folder, Folder1. Inside Folder1 is a file, frontend.mde. Also inside Folder1 is a subfolder, SubFolder1. In SubFolder1 is a file, backend.mdb. What I need is to set permissions to make it so users in a certain group can only use the front end app I created, frontend.mde. They shouldn't be able to delete it, move it, etc. All they need to be able to do is open it and use it to communicate with the backend, backend.mde. I also don't want them to be able to navigate through SubFolder1, but have full access to its contents.

The reason for this is I want them to have to use the front end app to do anything with the backend. The front end has a compact/repair feature, so they must be able to delete the backend, but I don't want them to be able to browse inside that folder to do any damage. Make sense? If not, I will try to explain better.

EDIT**********************************

maybe this will explain it better:

\\networkpath\Folder1
users should be able to open this folder, view all files and folders in it, and open all files in it.
\\networkpath\Folder1\frontend.mde
users should be able to open this file and that is it. they shouldn't be able to delete it, view permissions on it or anything like that.
\\networkpath\Folder1\SubFolder1
users shouldn't be able to open this folder, but have full access to it's contents. They should be able to create new folders and files inside it as well.
\\networkpath\Folder1\SubFolder1\backend.mde
users should be able to delete this file during via the front end app. they should be able to write to it as well.

Thanks in advance,

JMH

have you tried this:

Folder1: set permissions for "everyone" or which ever group you need to give access to, to "Read", and "List Folder Contents"

SubFolder1: set the permissions as follows, allow
Modify, Read & Execute, Read, Write
and dont allow "Full Control" and "List Folder contents"

hope this helps, its only a shot in the dark

hmm..no luck. It doesn't allow the .ldb to delete itself in SubFolder1. It locks me out completely. I will fiddle around with it. Let me know if you think of anything else

JMH

hmm, yeah, I am not sure how you are going to get pass the ldb file...
lemme know if you get it right, I will see if I can find anything else

You need to add delete permissions for the subfolder. You can also set the hide attribute to the subfolder.

Or force the app to run with admin priveleges....then it can delete regardless of those permissions.