• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 411
  • Last Modified:

IIS 7.5 Secure FTP User Isolation

Hello.

I am new to setting up FTP sites in general, but my organization has requested that I set one up so that our clients may send/receive files.

I am currently trying to do this with as little investment as possible, which has lead me to setting up an IIS FTP site on our file server.

The requirements for the project are this:

• External clients locked into their directory without the ability to see other folders.
• Internal staff have to be able to see the FTP root directory and have access to all files
• External clients have non-domain logins and internal staff must be able to access with their AD credentials

So the first part was easy to setup, I have the FTP site running and User isolation enabled, the external accounts are indeed locked to their respective directories; however, I am not finding a way to disable the user isolation for the internal staff.

I fear the only way this is going to work correctly is to have separate FTP sites for internal vs external.

Is there another way?
0
HFComm
Asked:
HFComm
1 Solution
 
Brad HoweDevOps ManagerCommented:
For internal staff to be able to access the root directory of all the clients you need to setup one more virtual path.

For example.

IIS Console
    > ftp site
                 -> LocalUser
                                   -> user1
                                   -> user2
                                   -> administrators
                                            -> Root <-- This is just an empty directory under administrators.

                  ->Root <-- This is a virtual path pointing to the ..\LocalUser folder

Let me know if you need a hand,
Hades666
0
 
HFCommAuthor Commented:
Hades666 -

Thank you for the reply, I think I understand the theory on how this should work and I have everything setup for the external clients to be able to access.

When I try to login with an active directory user I get a home directory is not accessible. I want all AD users to end up at the same root, So I thought maybe if I created the virtual directory by group name (ALLUSER) that it would pick that up. It did not. If I create a virtual directory with my username of course it works fine..

Can you please advise? Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now