Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Saving from PowerPoint, Word, or Excel resets NTFS security settings

View products that this article applies to.


When you save a file in Microsoft Word, in Microsoft PowerPoint, or in Microsoft Excel, the NFTS file system security settings are reset. These security settings are reset in the discretionary access control list (DACL) and in the system access control list (SACL) of the NTFS file system security descriptor.

↑ Back to the top


When PowerPoint, Word, or Excel has a file open for editing, and the user saves the file, a copy of the original file is created as a temporary file. This temporary file stores changes that are made to the original file.

By default, this temporary file is created in the same directory as the original file. When you save the file, the original file is deleted, and the temporary file is renamed to the original file name. Because newly created files in a directory inherit the security permissions of that directory, the security permissions on the file are be reset to those of the directory.

Starting with the Office XP releases of the applications, the applications try to copy the custom file security information to the new file. However, users do not typically have permissions to write the security information.

↑ Back to the top


To work around this problem, use one of the following methods:
  • Put all affected files in the same directory. Assign the security settings to the directory. You may have a separate directory for each group of files, and each directory may have different permissions´┐Żor auditing settings.
  • Change the permissions for the directory and for the file to prevent the user from overwriting the original file. Change the permissions to disallow file deletions.
  • Use Sharepoint Portal Server to store the files. The Sharepoint site will enforce its own security scheme to the data that is stored on the site.
  • Grant "Change Permissions" permissions to the directory. Then, users can change file security. However, you may not want to do this.

↑ Back to the top

More information

These Office programs use this method of saving files to prevent data loss. If the connection to the server is lost during the save operation, and the file is directly saved to the original file name, the file data would be lost.

This method could cause the latest changes to be lost. However, the old version of the file would still be present on the server.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
211632 Description of how Word creates temporary files

↑ Back to the top

Keywords: kbtshoot, kbinterop, KB102888

↑ Back to the top

Article Info
Article ID : 102888
Revision : 7
Created on : 11/2/2010
Published on : 11/2/2010
Exists online : False
Views : 572