Solved

How do I create SMB/FTP bandwidth caps

Posted on 2011-09-26
12
319 Views
Last Modified: 2013-12-02
Hello.  I have a Windows Server running File Sharing.  I configured the permissions for the shares using Active Directory accounts.  I'd like to configure an FTP server that uses the same ACLs as the File Server, but also prevents the user from downloading more than 2GB within 24 hours.  I'd like it to kill any downloads that hit the 2GB max, and then lock the domain account for 48 hours.  How can I do this? Thanks
0
Comment
Question by:crazyfixer
  • 7
  • 4
12 Comments
 
LVL 4

Expert Comment

by:mustang83
ID: 36601910
This cannot be done using windows ftp servers.

you can use third party paid for ftp programs which will allow better file size limitations and time limits etc. Some will also have access to AD ldap database so it can use your acl's.

What they can't do is lock a domain account for 48 hours. In fact I've never seen this functionality in anything other password wrong scenarios.

The only functionality you can use regarding file size is quota management but that more to do with how much can be stored per user on a share.

If i wanted something like this i would create a website using ASP and write something that showed the shares and allow users to download but also watch there downloads and block there account on the website rather than in active directory. You can google 'asp file manager' as there are lots of these types of programs already written.

Hope this helps.


0
 

Author Comment

by:crazyfixer
ID: 36601950
I know someone I used to work with did this on Solaris. (including locking domain accounts)  Do you know the names of any of these ASP programs?  Will they work with Server 2k3?
0
 
LVL 9

Expert Comment

by:parparov
ID: 36707515
You can do the policies in the network equipment instead.
0
 
LVL 4

Accepted Solution

by:
mustang83 earned 500 total points
ID: 36708273
There are a few but ive never used them.

Just google 'asp web manager' and see what comes up. Theres one called filevista.

I have found a ftp server for windows with limits.

http://www.codeocean.com/products/oceanftpserver/index.html

There is also a ftp server / web manager in one (a ftp server with a web client) which is very good.

http://www.wftpserver.com/index.htm

Using solaris or linux there are many free ftp servers which will do what you want though they are quite difficult to setup.



0
 

Author Comment

by:crazyfixer
ID: 36710667
That Ocean FTP server looks promising if it can use active directory for authentication.
0
 

Author Comment

by:crazyfixer
ID: 36712855
I've settled on trying Wing FTP but it doesn't record the statistics needed for quotas if you use an Active Directory user.  Do you know how to fix that?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 4

Expert Comment

by:mustang83
ID: 36712917
looks to me like you have to setup wing to use active directory and then map ad users to local users.

you can then define the local users with the quotas etc that you want.
0
 

Author Comment

by:crazyfixer
ID: 36712928
I have done that, but the only time the quota (or even logins) is calculated is when I login with the local user name, and not the AD account.
0
 

Author Comment

by:crazyfixer
ID: 36713194
WingFTP won't work as it can't provide user quotas for AD users.  Ocean is too expensive.  Is there perhaps a way to do this with IIS, or another software?
0
 
LVL 4

Expert Comment

by:mustang83
ID: 36715125
You cannot do this with IIS.

Theres another one called bulletproof ftp.
http://www.bpftpserver.com/

you can get a free trial.

Otherwise check this list.

http://en.wikipedia.org/wiki/Comparison_of_FTP_server_software
0
 

Author Comment

by:crazyfixer
ID: 36717334
Thanks. I already looked at BPFTP and that wiki list before coming here.  WingFTP seems like the best option, but it appears broken in that sense.  I'll see if I can work with the company to fix it.
0
 

Author Closing Comment

by:crazyfixer
ID: 36717342
WingFTP wound up being the product I am going to work with, but it's got a glitch or something that won't work properly right now.  Hopefully it will be fixed, and I can then use it
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Understanding FTPS File transfer is a common requirement in most Enterprises. While there are numerous ways to get a file from Point A to Point B over a network, perhaps the most common method still in use is FTP – File Transfer Protocol. FTP is …
If, like me, you have a lot of Dell servers in the estate you manage this article should save you a little time. When attempting to login to iDrac on any server I would be presented with two errors. The first reads "Do you want to run this applicati…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now