Explorer addon to ''check out'' files/folders using NTFS permissions

The software will comprise of 2 components: 1) An NT Service which runs on the file server, this service runs under elevated privileges allowing? it? to modify? NTFS? permissions within? specified directories,? as? well? as communicating? with? the? client? component? to "check? out"? or lock files/folders (ie, make them? read? only? to? all except? the? user? who? submitted? the? request),? release locks,? and? report which? users? have? particular? entities locked. ? This service will also have to allow for configuration of special users who have rights to unlock files/folders which were locked by another user. 2) The client acts as a shell addin for windows explorer, right clicking on files/folders gives options to lock/unlock/view which user has locked an entity. ? The client sends these requests to the server in order for permissions to be updated, and provides feedback to the user. ## Deliverables Outline of functionality as below: 1) The service component must be a true NT service and respond correctly to start/stop/restart commands. 2) Permissions will be configured in an active directory environment, for each base directory located on the server, a "default access" group will be specified through service configuration, locking a file/folder will result in permission inheritance being disabled, then permissions for the access group being changed from modify to read, and the locking users account being granted modify permission. Unlocking a file/folder will remove the users account and re-enable permission inheritance and ensure that the default access group again has modify permission. When users lock a folder, any files/folders contained within that folder which do not currently allow modify permission for the defined "default access" group will not be locked. 3) Users will not be able to lock an file/folder which is already locked by another user. 4) Users will not be able to unlock any file/folder which is locked by another user unless they are configured within the service as an admin user. Users will not be able to unlock a file/folder which is not currently locked. 5) Users will not be able to lock any file/folder for which they do not already have modify permission (either directly or via group membership). 4) Configuration of the service component (nomination of admin users, restriction of local filesystem directories the service component will modify permissions in, nomination of "default access" group) must be provided through a basic GUI. Selection of users/groups should be done through Active Directory or LDAP lookup, selection of directories should be done through standard browse dialog. 5) Server configuration should be stored in the registry, and allow for an unlimited number of directories to be configured, each with its own "Default access" group and "admin" users (multiple admin users must be allowed). 6) Files/folders which are checked out (including files/folders contained within a folder which is checked out) must be identified by an overlay on the icon (similar to those provided by the "TortiseSVN" windows shell extension for Subversion). 7) Client functionality should appear within the right click context menu in windows explorer, options will be lock/unlock/view user - it is acceptable for all options to be displayed in any context menu, but performing these options on a directory not on the server or not within the defined paths which the server will modify permissions on should notify the user that the option cannot be performed. 8) All operations within the client should provide the user with feedback through a dialog indicating either success of the request, or a reason for failure. 9) The client should communicate with the server via TCP or UDP, a default port not commonly in use should be chosen, the port number must be configurable through registry configuration for both the client and server. 10) The server must handle requests from multiple users concurrently.