Solved

IIS 7.5 Secure FTP User Isolation

Posted on 2013-11-08
2
390 Views
Last Modified: 2014-01-21
Hello.

I am new to setting up FTP sites in general, but my organization has requested that I set one up so that our clients may send/receive files.

I am currently trying to do this with as little investment as possible, which has lead me to setting up an IIS FTP site on our file server.

The requirements for the project are this:

• External clients locked into their directory without the ability to see other folders.
• Internal staff have to be able to see the FTP root directory and have access to all files
• External clients have non-domain logins and internal staff must be able to access with their AD credentials

So the first part was easy to setup, I have the FTP site running and User isolation enabled, the external accounts are indeed locked to their respective directories; however, I am not finding a way to disable the user isolation for the internal staff.

I fear the only way this is going to work correctly is to have separate FTP sites for internal vs external.

Is there another way?
0
Comment
Question by:HFComm
2 Comments
 
LVL 30

Accepted Solution

by:
Brad Howe earned 500 total points
Comment Utility
For internal staff to be able to access the root directory of all the clients you need to setup one more virtual path.

For example.

IIS Console
    > ftp site
                 -> LocalUser
                                   -> user1
                                   -> user2
                                   -> administrators
                                            -> Root <-- This is just an empty directory under administrators.

                  ->Root <-- This is a virtual path pointing to the ..\LocalUser folder

Let me know if you need a hand,
Hades666
0
 

Author Comment

by:HFComm
Comment Utility
Hades666 -

Thank you for the reply, I think I understand the theory on how this should work and I have everything setup for the external clients to be able to access.

When I try to login with an active directory user I get a home directory is not accessible. I want all AD users to end up at the same root, So I thought maybe if I created the virtual directory by group name (ALLUSER) that it would pick that up. It did not. If I create a virtual directory with my username of course it works fine..

Can you please advise? Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Over the past decade, as Internet security has become a chief concern of IT professionals, one of the most common questions administrators and users ask is, “Which is more secure, SFTP or FTPS?” In short, both file transfer protocols offer a high…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now