lucidanime Posted October 5, 2011 Share Posted October 5, 2011 (edited) Hi all, hope someone can help me on this. In the school I work in, we have a share called Postbox on our AD server (Server 2008 R2). This folder is used by Teachers to create a space for students to dump in answer files for exams, etc.What I'm trying to do is set it up so that Administrators and Teachers groups have full control, and that people from PLC Students and Post Primary Students can add files to Postbox (into whatever folder the teacher creates), but once added they cannot modify those files, and also, cannot view files by other members of the PLC Students or Post Primary Students group, so essentially it will look like they are the only student to submit a file to postbox for marking. I've been fighting with NTFS permissions for two days now, and I haven't been able to come up with a suitable set for PLC Students and Post Primary Students to restrict them as I've detailed above, any help or direction would be great. If anyone needs any more detail to be able to understand and/or aid with this problem, feel free to shout, and I'll give what detail I can!!EDIT: A somewhat visual aid:Postbox-> Teacher A -> Class 1A -> Exam XX -> Student 1.txt -> Student 2.txt -> Student 3.txt -> Class 2B -> Exam XX -> Student 4.txt-> Teacher B -> Class 3C -> Exam XX -> Student 5.txt -> Student 6.txt -> Class 4D -> Exam XX -> Student 7.txtBasically, Teachers can see all files, Student 1 can only see folders + his/her own files only, Student 2 can see folders and his/her own files only, etc Edited October 5, 2011 by lucidanime Link to comment Share on other sites More sharing options...
cluberti Posted October 5, 2011 Share Posted October 5, 2011 You either give rights to a file, or you don't - what you could do is give users "Special" rights, and allow them write access but not list access - this would allow them to upload files but not see anything in the share. However, that doesn't preclude them from simply overwriting what they've put there with another file, because rights are static. This would require custom scripting, event triggering, and probably constant administration. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now