[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

ftp setup

I having trouble with ftp setup when setting it up when requiring user name and password.  What is required to set it up properly.  It seems I got it to work one time, but now I'm not able to do it.  What is required.  I'm trying to set up user 1 to access one folder1 and user 2 to access folder 2 under the ftp directory.

Thanks,
Joseph
0
sjs
Asked:
sjs
  • 4
  • 4
  • 2
1 Solution
 
Zak_McKrackenCommented:
IIRC, this was discussed a while back, and I think the outcome was that you can't have completely different "sites" for users - you can limit a user to one directory, and another user to a different directory again, but each user will be able to see the other's folder - eg:

ftproot\
ftproot\user1s_folder
ftproot\user2s_folder

Does this help or are you after something else?
0
 
sjsAuthor Commented:


Thanks for your reply.  At this point I can only setup Anonymous login, I am looking to setup specific domain users for access.  What permissions does a user have to have?

Thanks,

Joseph
0
 
Zak_McKrackenCommented:
I haven't done this, but if a user has access to the share via windows file permissions, all they need is a valid domain account.  If the server is not a domain controller, you are able to setup local accounts for the FTP server.

Do some testing and see what you are able to come up with.  I do know that there isn't any ability to configure what you're looking at within the MMC snap-in, so if this is possible, its got to be done at a windows file security level.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
pssiewCommented:
The domain user must have logon locally user rights to be able to log on to the ftp site.

durin logon you need to use domain\username or username@domain.com to login.

You can have user1 login to folder1 and user2 to folder2 if the follwing is satisfied.
The loginname is the same as the ftp virtual foldername.

Hope this helped.
0
 
sjsAuthor Commented:
Thanks for your reply, but I was looking for better understanding of the virtual directory and permissions.  I'm not clear on how to set up different folders with it's own permissions. Can you clarify?

Thanks,
Joseph
0
 
pssiewCommented:
FTP must have its own IP to run and unless you have more than one IP on the machine you can have only one FTP site.

The FTP site will point to a ftp root folder. any folders within the root folder can be FTPed to if the right permissions are granted.

If you have another folder that is not within the the root folder or you want a quicker path to the folder, you use the virtual directory to create it (something like a shortcut).

Folder permissions are the NTFS permissions which you can explicitly grant specifc permissions. If on the FTP level you grant write and on NTFS level you deny it. The person will not be able to ftp the file to the server, vice versa for read.

If you need more details you need to read it from net or books.
0
 
sjsAuthor Commented:
Thanks for your reply.  I'm familer with NTFS and logon locally and so on.  I wasn't clear on how virtual directory work.  I checked MSKB, I was unable to find any info explaining virtual directory.  I guess I'll just mess with it for while.  Basically I was wanting to create subfolders like \ftp\dir1 and \ftp\dir2, while granting user1 access to user1 to dir1 and user2 to dir2 without either one accessing or listing the other's.

Thanks,

Joseph
0
 
pssiewCommented:
A simple explanation of FTP virtual directories would be to take them as shortcuts. You create a virtual directory to have a shortcut to folder.

For instance you need to go to root\abc\xyz\efg via ftp you need to change directories 3 times, having a virtual directory would enable to you go there by just root\efg

If you want to prevent users from accessing each others folder,

Create the virtual folders with the exact same name as the user login. When the user logs in he will go directly to his folder. You then use NTFS to grant permissions which only allow the user access to his own folder and not the other.
0
 
sjsAuthor Commented:
thank you pssiew.  That should do it.
0
 
pssiewCommented:
no problems sis.
Hoped it all worked out for you
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now