• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1460
  • Last Modified:

IIS FTP home directory LIST access

Hi everyone,

Basically, I want to allow users to download files from my FTP that come from URLs, but deny people the ability to list the FTP directory contents. I've set 'traverse folder / execute file' access, and removed all others from the directory security under windows. However, I run into the following error when connecting. I assume there is no workaround, and I am always going to run into this problem, but I thought I would ask here first.

--------- FTP log ---------
220 ftpserver Microsoft FTP Service (Version 5.0).
USER anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
PASS xxxxxx
530 User guest@my.net cannot log in, home directory inaccessible.
--------- FTP log ---------

Thanks all.
0
joesover
Asked:
joesover
  • 3
  • 2
1 Solution
 
gidds99Commented:
You should be able to resolve this one.  Work through the check list detailed in this MSKB article:

http://support.microsoft.com/default.aspx?scid=kb;en-us;200475

Hope this helps.
0
 
joesoverAuthor Commented:
no, it's just common sense.
'home directory inaccessible'

ie, the user has rights, but they can't access their home directory, so it doesn't allow login. In theory, you should be able to allow a user to access the FTP, but only get an access denied error when they try to list the directory contents. Apparently IIS won't even let you log in.

0
 
gidds99Commented:
Sorry, I mis-read your question.  This MSKB article is the one relevant to your issue:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q221934

I know this article refers to IIS 4 but the issue may be fundamentally the same (e.g. either the home directory is invalid or read permissions are denied to the FTP root directory).

Does this make sense?
0
 
joesoverAuthor Commented:
you're still misreading my question.


THIS IS WHAT IS HAPPENING.
--------- FTP log ---------
220 ftpserver Microsoft FTP Service (Version 5.0).
USER anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
PASS xxxxxx
530 User guest@my.net cannot log in, home directory inaccessible.
--------- FTP log ---------


THIS IS WHAT I WANT TO HAPPEN.
--------- FTP log ---------
220 ftpserver Microsoft FTP Service (Version 5.0).
USER anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
PASS xxxxxx
230 Anonymous user logged in.
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PORT XX,XX,XX,XX,XX,XX
200 PORT command successful.
LIST
150 Opening ASCII mode data connection for /bin/ls.
550 Access is denied.
--------- FTP log ---------


I want to deny access to the home directory, but still access the FTP.
0
 
gidds99Commented:
I know what you are trying to do and I understand your issue.  The MSKB document shows that the error you are receiving is because read access to the Home Directory has been denied and you are asking if there is a workaround.

I would say no - although 3rd party FTP server software may well be able to do this for you - is this an option for you or do you need to use IIS?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now