Is it possible to restrict a user where they are unable to edit or update a file, while allowing them the ability to overwrite the entire file or delete the file to replace it with an updated file?
The user(s) would be accessing either locally via RDP or a network share on a Windows 2012 server (non-R2).
You can set the permissions to allow "write" but not modify. This will do what your specifically asking for, but there are catches.
A lot of the applications, Microsoft WORD for example, open a file (create), then updates it's contents (modify).
With Write but noyt modify, you can create a file, and once closed, you can not delete or change it. (if you assume the user is x229904 as in this example).
Because so many programs need to write and then modify files even when they create them, this option in NTFS is often limited in it's application.
A batch file that outputs line by line of "log messages" for example would not work because the file is created, and then once created, can not be updated.
Since your other option is a "delete" then replace, your having to in effect modify the file.
I'm not sure how this differs however as your asking to either deleted and re-add but not modify. If they can delete and re-add the file, and they use the same file name, is the net result not that it has been modified? That is, what was there before is now different then what is there now, yet the file name is the same.
