Windows Server 2003 FTP access question

Posted on 2009-02-24
Last Modified: 2013-12-02

Several years ago a friend of mine helped us set up our MS Windows 2003 web server so that any new directories created could simply have an identical username created under Users and this would give that username FTP access to that same-named directory only.

Now we're moving servers and my friend is unavailable. Can anyone point me to an article or the steps necessary to set up FTP permissions in the way I describe?

Thank you

Question by:billium99
    LVL 23

    Expert Comment

    Follow my post I put in EE a long time back on this.  It should get you going ok.

    The following is the post:

    eh...I'll just assume local user accounts:

    1.  set up the local user accounts on the computer for each "user/client"
    2.  In explorer setup the NTFS structure so that you have a "root" folder and inside that folder you have folders for each client/etc.
    3.  Set up the NTFS rights, so that each user (you can use a group called FTP users, and add them all to that group) has "List" rights to the root folder.  Then give them specific rights to each of their "home" folders (read/write/whatever).
    4.  In IIS for the FTP site, create virtual directories named EXACTLY the same as the user accounts you created, and point each one to the right home folder.  ie. virtual directory of BOBJONES points to d:\ftpsite\BOBJONES
    5.  go back into explorer and create a new folder in the same folder as the ROOT folder and call it DEADEND
    6.  give the FTP users list/read permissions to the DEADEND folder
    7.  Back in IIS set the "root folder" for the FTP site to the DEADEND folder

    That's it.

    now when BOBJONES logs into the FTP site he is in the BOBJONES directory.  If he gets wily and tries to do a cd .. to go up to the parent/root he'll get knocked into the DEADEND folder and won't see the list of everyone else's home folders, etc.   (NOTE: he can get back to his home folder by typing cd BOBJONES still)

    ONE FINAL NOTE:  anybody that has a user ID but no virtual directory named the same will get defaulted to the root directory which has been changed to DEADEND.

    Of course, read the actual original thread to get a full idea...

    Hope that helps!

    LVL 1

    Author Comment

    Thanks Cleaner - this sounds like a different process, only in that as each user is created on our current server, I'm simply naming them the folder name as you describe and I'm done.

    There are no permissions to set up on each user coming in.

    There is no Dead END type folder structure, but any access outside of their named folder fails.

    I can try and play with your solution, but does anyone else see the subtle difference in what I'm describing compared to Mr Cleaner's solution?

    Thanks again!

    LVL 23

    Accepted Solution

    Did you read over the link as well?  I talk in there about using other permissions and scenarios too.

    The above just always was easier for me and gave a better "output"...
    LVL 1

    Author Comment

    Hmm - thought I already accepted this

    Sorry for the delay!


    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
    A quick step-by-step overview of installing and configuring Carbonite Server Backup.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now