Solved

IIS6 FTP User Isolation Modes / Win2k3

Posted on 2004-04-29
4
865 Views
Last Modified: 2012-06-27
I want to set up my development c:\inetpub\wwwroot\ as a ftp root using isolate mode under IIS6 / Win2k3.  My goal is to give clients a ftp login that will point to c:\inetpub\wwwroot\clientsite\ftp folder but have it so they can't go further up the directory tree, and I'm restricted to 1 IP address.

It seems that the only way I was able to login in a user successfully is by making the FTP root point to c:\inetpub\ftproot . Then created subfolders in the c:\inetpub\ftproot like so \localuser\username.  This is fine, but my boss doesn't want the extra work of copying stuff manually from the ftproot to the appropriate wwwroot folder.

If I setup folder c:\inetpub\wwwroot\ as the root FTP site in non-isolation mode, any user can login fine to the ftp but has full access to everything in the ftp root regardless of the virtual directory that I point them to.

I need some help on this one, I already went through microsofts support section on the topic but it was of no help:
http://support.microsoft.com/default.aspx?kbid=814865&product=iis60

Is there a registry edit or anything that can force win2k3 to allow other folders besides c:\inetpub\ftproot\localuser\ to run in isolation mode?

Am I missing something?  Will a 3rd party FTP server software allow more freedom to isolate a user login to one folder only, no matter where i set the ftp root?  Any recommendations?

500 points to the expert of experts.
0
Comment
Question by:madasczik
  • 3
4 Comments
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10955898
You should really have the ftp root seperate, if you allow direct access to the webroot you will run into issues like locked files, i.e. someone is looking at a particular file while the client is trying to ftp over it, and many more issues. Also good if you want to virus scan the uploaded files first, I simply had some replication setup between the FTP root and the web root, a simple batch file that used xcopy, this ran every 15 minutes and a virus scan as well.
0
 
LVL 17

Expert Comment

by:Tacobell777
ID: 10955915
You don't really need to name the directory the same as the username, you only need to name the virtual directory the same as the username, I would stick to a more clearer file structure like

inetpub/ftproot/production/[website]
inetpub/ftproot/staging/[website]

inetpub/wwwroot/production/[website]
inetpub/wwwroot/staging/[website]

thats if you have any staging before publishing.
0
 

Author Comment

by:madasczik
ID: 10955980
I have Mcafee ASAP on all the boxes, it pretty much scans anything coming or going from the computers.  Can you show me the xcopy batch file you use, and how you run it every 15 minutes?  Thanks
0
 
LVL 17

Accepted Solution

by:
Tacobell777 earned 500 total points
ID: 10956051
I don't run an ISP anymore ;-) but from the top of my head

xcopy and then the attributes to copy stuff over

you call the batch file with windows "Scheduled Tasks"
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question