?
Solved

IIS 7.5 Secure FTP User Isolation

Posted on 2013-11-08
2
Medium Priority
?
405 Views
Last Modified: 2014-01-21
Hello.

I am new to setting up FTP sites in general, but my organization has requested that I set one up so that our clients may send/receive files.

I am currently trying to do this with as little investment as possible, which has lead me to setting up an IIS FTP site on our file server.

The requirements for the project are this:

• External clients locked into their directory without the ability to see other folders.
• Internal staff have to be able to see the FTP root directory and have access to all files
• External clients have non-domain logins and internal staff must be able to access with their AD credentials

So the first part was easy to setup, I have the FTP site running and User isolation enabled, the external accounts are indeed locked to their respective directories; however, I am not finding a way to disable the user isolation for the internal staff.

I fear the only way this is going to work correctly is to have separate FTP sites for internal vs external.

Is there another way?
0
Comment
Question by:HFComm
2 Comments
 
LVL 30

Accepted Solution

by:
Brad Howe earned 1500 total points
ID: 39635583
For internal staff to be able to access the root directory of all the clients you need to setup one more virtual path.

For example.

IIS Console
    > ftp site
                 -> LocalUser
                                   -> user1
                                   -> user2
                                   -> administrators
                                            -> Root <-- This is just an empty directory under administrators.

                  ->Root <-- This is a virtual path pointing to the ..\LocalUser folder

Let me know if you need a hand,
Hades666
0
 

Author Comment

by:HFComm
ID: 39652063
Hades666 -

Thank you for the reply, I think I understand the theory on how this should work and I have everything setup for the external clients to be able to access.

When I try to login with an active directory user I get a home directory is not accessible. I want all AD users to end up at the same root, So I thought maybe if I created the virtual directory by group name (ALLUSER) that it would pick that up. It did not. If I create a virtual directory with my username of course it works fine..

Can you please advise? Thanks
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the withdrawal of support for Windows Server 2003 this summer, many clients face the issue of moving away from their 2003 installs. There are a few options out there that many people/companies are selling. But the clients I have, haven't wanted…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Suggested Courses
Course of the Month8 days, 5 hours left to enroll

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question