Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

FTP Folder Access

Posted on 2014-04-23
7
Medium Priority
?
648 Views
Last Modified: 2014-06-04
We have an FTP (SSL) site via IIS7 - I need to isolate folders

Under FTP root User A can connect and access  - I need to create a folder under root that User A & B can access - But user B cannot access the Root directory

How is this best done?

Thanks,
0
Comment
Question by:sparkis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 40019418
This can be achieved with folder permissions. The issue being that you will need to create an A and B folder in the root. User A and B will both need read access to the root. The you can assign user A and user B the required permissions needed for folder A and folder B.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 1500 total points
ID: 40019598
on root folder assign authenticated users read \ read and execute and list folder contents NTFS permissions
The from advanced security permissions remove inheritance and keep only system, administrators group full control permissions, remove any other groups except authenticated users there on the ACL and change authenticated users permissions scope (Applies to) to This folder only

Now get into FTP root folder and provide required individual users \ groups required permissions on sub folders so that users can access only sub folders for which they got access

Mahesh
0
 

Author Comment

by:sparkis
ID: 40019857
I have been able to control access to each folder under root via Allow/Deny Authorization rule inheritance on the FTP folders within IIS

So User A can access Folder A and User B can access folder B

Is there a way from within IIS that these folders are only visible to the appropriate user - that would be ideal. As of now they can both see both folder they just cannot access each others folder.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 13

Expert Comment

by:SagiEDoc
ID: 40020007
There is a list folder / read data permission you could attempt to use to prevent the users seeing folders that are not applicable to them.
0
 

Author Comment

by:sparkis
ID: 40020056
Under NTFS? - I tried this and it did not work.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40021439
This way you can't restrict

In case of shared folders, you can enable access based enumeration on shared folder properties

But in case of FTP this is also not possible unless you explicitly share FTP root folder

Mahesh.
0
 
LVL 25

Expert Comment

by:Coralon
ID: 40021712
This is not that difficult.  

A lot depends on how your users are managed.
In either case, you set A to use the root folder.
For B, you set their root/home directory to the subdirectory.  

Now, as you saw, A will still be able to at least see that B's directory exists.  If you need them isolated, then you turn on the directory isolation, and assign each of them their own folders at a parallel level.

Coralon
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question