# How can I give a user write permission to a shared drive but not read?



## justcrash (Aug 7, 2009)

Ok, first, I will tell you WHY I want to do this, maybe there is an easier way. I have a teacher that wants to go "paperless", so up until now, he has been logging on to one of my servers and looking ahis students home drives to grade their stuff.

I want him off my servers, things are going weird with the server he is always on and he shouldn't be on it.

So I want to create a shared drive which him and his students will map (I've done that) and he has complete read/write control of... but he doesn't want the students to be able to open other students papers (understandable) so they don't cheat.

I need the folder to only allow the student user group the ability to write to "drive" but not open any of the documents. I've played with permissions but can't find the right combo.

Server 2008. What suggestions do you guys have?


----------



## Callum_Dawson (Mar 9, 2009)

Are you on VPN, Domain or WORKGROUP?


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> Are you on VPN, Domain or WORKGROUP?


Domain, 2k3 PDC and schema master, the shared drive is on our only 2008 enterprise box.


----------



## Callum_Dawson (Mar 9, 2009)

Do you have an Active Directory setup?


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> Do you have an Active Directory setup?


Yes, I currently have a GPO set up to map to the drive itself on the students. One forest.


----------



## Callum_Dawson (Mar 9, 2009)

Then on the "Administrator" account on the Active Directory go onto "Administrative Tools >> Active Directory Users and Computers" and get onto the list of Active Directory Users, you should be able to manage their access from their.


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> Then on the "Administrator" account on the Active Directory go onto "Administrative Tools >> Active Directory Users and Computers" and get onto the list of Active Directory Users, you should be able to manage their access from their.


Can I do that for only one shared drive (this one) from there?


----------



## Callum_Dawson (Mar 9, 2009)

I'm pretty sure you can manage their access permissions from that menu in their individual properties. Alternatively try going onto "Administrative Tools >> Share and Storage Management" and clicking properties on your Shared Drive. Then click "Permissions..." and try it via that menu instead.


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> I'm pretty sure you can manage their access permissions from that menu in their individual properties. Alternatively try going onto "Administrative Tools >> Share and Storage Management" and clicking properties on your Shared Drive. Then click "Permissions..." and try it via that menu instead.


hmmm individual? I don't do it by group? I ask because I need this to happen for about 768 students, so I am trying to avoid individual stuff. They are all part of the same user security group.


----------



## Callum_Dawson (Mar 9, 2009)

Oh, sorry, I thought you meant a class, lol. But yea, by group also works.


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> Oh, sorry, I thought you meant a class, lol. But yea, by group also works.


 Yeah, it is for one guys class, but every student takes his class pretty much, or at least 2/3rd of them. It's a computer Science class and he wants it to be paperless.


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> I'm pretty sure you can manage their access permissions from that menu in their individual properties. Alternatively try going onto "Administrative Tools >> Share and Storage Management" and clicking properties on your Shared Drive. Then click "Permissions..." and try it via that menu instead.


 Ok, I can do Read only (which in this case, isn't what I wanted, unless the creator was the only one who could read it) but I cannot do "Create" by itself.


----------



## Callum_Dawson (Mar 9, 2009)

So, is the problem resolved now or still not working?


----------



## justcrash (Aug 7, 2009)

Callum_Dawson said:


> So, is the problem resolved now or still not working?


Nah, still not resolved. Essentially all I want them to be able to do is save a file to the shared drive, not open any of them, as far as I care, even their own. It should only be used to hand in finished assignments for grading and comments by the instructor. I do appreciate your help though, sir.


----------



## Squashman (Apr 4, 2003)

It is unfortunate you have to do this in Windows. This is what made Netware one of the greatest file server operating systems ever.

I haven't had to touch a 2000/2003 server since I was in school and that was when 2000 server just came out.
Did you look at the List Folder Contents setting?


----------



## justcrash (Aug 7, 2009)

Squashman said:


> It is unfortunate you have to do this in Windows. This is what made Netware one of the greatest file server operating systems ever.


Oh? How so, sir?


----------



## Squashman (Apr 4, 2003)

Read up on Netware File System Rights.
http://articles.techrepublic.com.com/5100-10878_11-5031966.html

And you could have an ever finer grained control with the File Attributes.
http://www.novell.com/documentation/nw51/?page=/documentation/nw51/trad_enu/data/h8gdk9xq.html


----------

