Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

FTP Folder Access

Posted on 2014-04-23
7
Medium Priority
?
681 Views
Last Modified: 2014-06-04
We have an FTP (SSL) site via IIS7 - I need to isolate folders

Under FTP root User A can connect and access  - I need to create a folder under root that User A & B can access - But user B cannot access the Root directory

How is this best done?

Thanks,
0
Comment
Question by:sparkis
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 40019418
This can be achieved with folder permissions. The issue being that you will need to create an A and B folder in the root. User A and B will both need read access to the root. The you can assign user A and user B the required permissions needed for folder A and folder B.
0
 
LVL 38

Accepted Solution

by:
Mahesh earned 1500 total points
ID: 40019598
on root folder assign authenticated users read \ read and execute and list folder contents NTFS permissions
The from advanced security permissions remove inheritance and keep only system, administrators group full control permissions, remove any other groups except authenticated users there on the ACL and change authenticated users permissions scope (Applies to) to This folder only

Now get into FTP root folder and provide required individual users \ groups required permissions on sub folders so that users can access only sub folders for which they got access

Mahesh
0
 

Author Comment

by:sparkis
ID: 40019857
I have been able to control access to each folder under root via Allow/Deny Authorization rule inheritance on the FTP folders within IIS

So User A can access Folder A and User B can access folder B

Is there a way from within IIS that these folders are only visible to the appropriate user - that would be ideal. As of now they can both see both folder they just cannot access each others folder.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 13

Expert Comment

by:SagiEDoc
ID: 40020007
There is a list folder / read data permission you could attempt to use to prevent the users seeing folders that are not applicable to them.
0
 

Author Comment

by:sparkis
ID: 40020056
Under NTFS? - I tried this and it did not work.
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 40021439
This way you can't restrict

In case of shared folders, you can enable access based enumeration on shared folder properties

But in case of FTP this is also not possible unless you explicitly share FTP root folder

Mahesh.
0
 
LVL 25

Expert Comment

by:Coralon
ID: 40021712
This is not that difficult.  

A lot depends on how your users are managed.
In either case, you set A to use the root folder.
For B, you set their root/home directory to the subdirectory.  

Now, as you saw, A will still be able to at least see that B's directory exists.  If you need them isolated, then you turn on the directory isolation, and assign each of them their own folders at a parallel level.

Coralon
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question