What we want is to offer a possibility for a user to upload data to a server by ftp (using his AD password), but do not want that the user can copy data from that directory to another directory when logged on on that server using Remote Desktop.
This may sound strange, but we need a human check that the uploaded data is allowed on the server by an administrator. The administrator will then copy the data from his FTP directory to the user'sfolder with more permissions.
We tried to set the rights of the directory to deny read but this does not work as expected.
Although, in remote desktop session the user can not read/execute any files in the FTP directory as expected, in his ftp client he can download data from his FTP directory? That is not wanted because this would allow a user to put sensitive data in his FTP directory and download it from the server.