Bill Henderson

Windows Server 2003 FTP access question

Hi,

Several years ago a friend of mine helped us set up our MS Windows 2003 web server so that any new directories created could simply have an identical username created under Users and this would give that username FTP access to that same-named directory only.

Now we're moving servers and my friend is unavailable. Can anyone point me to an article or the steps necessary to set up FTP permissions in the way I describe?

Thank you

Bill
TheCleaner

Follow my post I put in EE a long time back on this.  It should get you going ok.

https://www.experts-exchange.com/questions/21711619/Set-up-FTP-site.html

The following is the post:

eh...I'll just assume local user accounts:

1. Set up the local user accounts on the computer for each "user/client".
2. In Explorer, set up the NTFS structure so that you have a "root" folder and inside that folder you have folders for each client/etc.
3. Set up the NTFS rights, so that each user (you can use a group called FTP users, and add them all to that group) has "List" rights to the root folder. Then give them specific rights to each of their "home" folders (read/write/whatever).
4. In IIS for the FTP site, create virtual directories named EXACTLY the same as the user accounts you created, and point each one to the right home folder, i.e. virtual directory of BOBJONES points to d:\ftpsite\BOBJONES
5. Go back into Explorer and create a new folder in the same folder as the ROOT folder and call it DEADEND.
6. Give the FTP users list/read permissions to the DEADEND folder.
7. Back in IIS, set the "root folder" for the FTP site to the DEADEND folder.

That's it.

Now when BOBJONES logs into the FTP site he is in the BOBJONES directory. If he gets wily and tries to do a cd .. to go up to the parent/root he'll get knocked into the DEADEND folder and won't see the list of everyone else's home folders, etc. (NOTE: he can get back to his home folder by typing cd BOBJONES still)

ONE FINAL NOTE:  anybody that has a user ID but no virtual directory named the same will get defaulted to the root directory which has been changed to DEADEND.

Of course, read the actual original thread to get a full idea...

Hope that helps!

-TheCleaner
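
The seven steps above as a command-line sketch for one account, added here as an example; it is not part of the original post. Assumptions: icacls is available (Server 2003 SP2 or later), the FTP site is "Default FTP Site" with metabase ID 1 and is not in user-isolation mode, and the folders live directly under d:\.

```bat
@echo off
rem Added example, not from the original post: steps 1-7 for one client.
rem Assumed values: group name, site name "Default FTP Site", site ID 1,
rem and the d:\ftpsite and d:\DEADEND paths (DEADEND sits beside the root).
setlocal
set "U=BOBJONES"
set "GROUP=FTP users"
set "ROOT=d:\ftpsite"
set "DEADEND=d:\DEADEND"

rem Step 1: common group and local account (the * prompts for a password).
net localgroup "%GROUP%" >nul 2>&1 || net localgroup "%GROUP%" /add
net user "%U%" * /add || goto :fail
net localgroup "%GROUP%" "%U%" /add

rem Step 2: root folder with one home folder per client.
if not exist "%ROOT%\%U%" mkdir "%ROOT%\%U%"

rem Step 3: list rights on the root itself. No (OI)/(CI) flags, so the
rem grant is not inherited by the other clients' home folders.
icacls "%ROOT%" /grant "%GROUP%":(RX) || goto :fail
rem Modify rights for the user on the home folder and everything below it.
icacls "%ROOT%\%U%" /grant "%U%":(OI)(CI)M || goto :fail

rem Step 4: FTP virtual directory named exactly like the account.
cscript //nologo "%SystemRoot%\system32\iisftpdr.vbs" /create "Default FTP Site" "%U%" "%ROOT%\%U%" || goto :fail

rem Steps 5-6: DEADEND folder with list/read for the group.
if not exist "%DEADEND%" mkdir "%DEADEND%"
icacls "%DEADEND%" /grant "%GROUP%":(RX) || goto :fail

rem Step 7: point the FTP site's root at DEADEND.
cscript //nologo "%SystemDrive%\Inetpub\AdminScripts\adsutil.vbs" set MSFTPSVC/1/ROOT/Path "%DEADEND%" || goto :fail

rem Review the resulting ACLs on all three folders.
icacls "%ROOT%" & icacls "%ROOT%\%U%" & icacls "%DEADEND%"
endlocal & exit /b 0

:fail
echo Setup failed; see the error above. 1>&2
endlocal & exit /b 1
```

The final icacls listing also shows any inherited entries (for example a built-in Users grant from the drive root), which is the place to confirm that one client's account cannot read another client's home folder at the NTFS level.
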
Bill Henderson (ASKER)

Thanks Cleaner - this sounds like a different process, only in that as each user is created on our current server, I'm simply naming them the folder name as you describe and I'm done.

There are no permissions to set up on each user coming in.

There is no Dead END type folder structure, but any access outside of their named folder fails.

I can try and play with your solution, but does anyone else see the subtle difference in what I'm describing compared to Mr Cleaner's solution?

Thanks again!

Bill
ASKER CERTIFIED SOLUTION
TheCleaner

This solution is only available to members.

Hmm - thought I already accepted this

Sorry for the delay!

Bill