Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2116
  • Last Modified:

Hide certain FTP folders from certain users - Server 2012

Hi experts,

I'll start by telling something about myself.

Two of my hobbies are taking photographs and making music. For easy access to all of my work, I host a FTP server under Windows 2012. Of course I have access to al the data on the server, but some of my friends like to have access to. No problem, I gave them user accounts and they can log in and see everything, but there lies the problem. I don't want them to see everything. I can deny access to certain folders, but I don't want them to see the folders they don't have access to.

The folder structure is as follows:
D:\ (An internal disk that acts as the FTP root)
     Pictures
          Private Pictures (The folder I don't want them to see and access)
          Cars
          Nature
          ... (All folders they can access)
     Music (Folder they can access
     Movies
          Home made
               Private (The folder I don't want them to see and access)
               My cars
               ... (Folders they can access)
          Nature
          ... (Folders they can access)

I have searched the internet for days, and I find solutions regarding to virtual directies, special NTFS permissions, Access Based Enumeartion. But I can't seem to get it working.

Could someone please help me with this problem. Any help would be much appreciated.
0
eNVy8ight
Asked:
eNVy8ight
  • 3
  • 2
1 Solution
 
David Paris VicenteCommented:
Hi eNVy8ight .

You have several options all depends from waht you really want.

On this example you can configure folders specific for the users. What I mean is if I´m granwizzard when i Log on the FTP server I will logged on directly on the folder specified for my user.

Take a look here:
How to set up an FTP site so that users log on to their folders

If just want to hide some directories take a look here:
How to: Hide FTP Directories

Let us know if this helped.

Regards
0
 
eNVy8ightAuthor Commented:
Hi granwizzard,

Thanks for the reply.

The first option you mentioned is not really what I want. I want all users to land in the same folder (root folder). Because all of my subfolders are there.

The second option, (the Microsoft KB info), I have tried and can't get it to work.

This is what Microsoft says to do:
4.Specify file permissions for the anonymous user:
   a.Click Permissions, and then in the Name list, click Anonymous User.
   b.In the Type Of Access box, click Special Directory Access.
   c.In the Special Directory Access dialog box, click Other, but do not click to select any of
   the check boxes

I guess anonymous user, can be any user or group I want ?
Special directory access option, I can't seem to find ?

If you could explain it in a little more detail, perhaps I will be able to find the solution.

Excuse for my lack of knowledge, i'm still learning everything.
0
 
David Paris VicenteCommented:
Please ignore my previous links my bad, because they are to other version of IIS, since you have 2012 there are 3 options to achieve  that.´

They are:
1.User name directory: Isolates user sessions to the physical or virtual directory with the same name of the FTP user account. The user sees only their FTP root location and is, therefore, restricted from navigating higher up the physical or virtual directory tree. Any global virtual directories that are created are ignored.


2.User name physical directory: Isolates user sessions to the physical directory with the same name of the FTP user account. The user sees only their FTP root location and is, therefore, restricted from navigating higher up the physical directory tree. Any global virtual directories that are created apply to all users.


3.FTP home directory configured in Active Directory: Isolates user sessions to the home directory that is configured in the Active Directory account settings for each FTP user.

So you have to think how do you want to design the directory structure, the easy way is to change the permissions on the folders.

Because you put the Home Directory D:\ (your user accounts will see every folders,  despite of the permissions)

If you want to keep the structure, you can remove the other users from the folders permissions that you don´t want them to see. Note: They will see the folders but they will not see the info inside them.

Do this just for one folder and if this work for you repeat the process for other folders.

Example:

On the D:\ (An internal disk that acts as the FTP root)\Pictures\Private Pictures (The folder I don't want them to see and access) ->  Right click and choose the security tab -> Advance and the deselect the allow Inherit permissions from.........-> OK

Then remove the user names of your friends from the top panel Group or User Names don´t touch the other users.

Let me know.

Regards
0
 
eNVy8ightAuthor Commented:
Hi,

I want to thank you for pointing me in the right direction. I finally understand how virtual directories and user name physical directory work.

I set up my FTP so that every user has its own root directory and they can see certain virtual directories. It took me a while to understand and find out how it worked, but I'm happy with the final result.

Thanks again.
0
 
David Paris VicenteCommented:
Great.

Regards
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now