Member_2_4548968
asked on
Setting permissions of an FTP upload directory in an Active Directory setup
Hi,
What we want is to offer a possibility for a user to upload data to a server by ftp (using his AD password), but do not want that the user can copy data from that directory to another directory when logged on on that server using Remote Desktop.
This may sound strange, but we need a human check that the uploaded data is allowed on the server by an administrator. The administrator will then copy the data from his FTP directory to the user'sfolder with more permissions.
We tried to set the rights of the directory to deny read but this does not work as expected.
Although, in remote desktop session the user can not read/execute any files in the FTP directory as expected, in his ftp client he can download data from his FTP directory? That is not wanted because this would allow a user to put sensitive data in his FTP directory and download it from the server.
Any suggestions?
Thanks
What we want is to offer a possibility for a user to upload data to a server by ftp (using his AD password), but do not want that the user can copy data from that directory to another directory when logged on on that server using Remote Desktop.
This may sound strange, but we need a human check that the uploaded data is allowed on the server by an administrator. The administrator will then copy the data from his FTP directory to the user'sfolder with more permissions.
We tried to set the rights of the directory to deny read but this does not work as expected.
Although, in remote desktop session the user can not read/execute any files in the FTP directory as expected, in his ftp client he can download data from his FTP directory? That is not wanted because this would allow a user to put sensitive data in his FTP directory and download it from the server.
Any suggestions?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Now if you have smart developers who work there that know how to write quality and secure software,...then they might be able to write an application that the person would use and the Application would do all that behind the scenes,...but you just are not going to do that with just the OS, and FTP Service, and Remote Desktop.