FTP user accounts - Must not list other folders

From: Gert Conradie (grc@iafrica.com)
Date: 08/02/02 

From:     Gert Conradie <grc@iafrica.com>
Date: Fri, 02 Aug 2002 07:32:21 -0700

Ok Im goning nuts... here is my setup on Win2000 Server, IIS,FTP server

(Questions below steps)

C:\ftpfolder\ftproot\userA
C:\ftpfolder\ftproot\userB

My setup steps was:
1. Creat users A & B and put them both in a group "FTPUsers"

2. On C:\, right click > properties > security > Add group "FTPUsers"
and deny them all rights

3. Created C:\ftpfolder\ftproot, and with IIS manager make that the home
directory for FTP server

4. right click on C:\ftpfolder > properties > security >
Deselect the inheritance of the parent.
Add group "FTPUsers" and give them list/read/write access.

5. This will spawn down the subfolders into
"C:\ftpfolder\ftproot\userA" and
"C:\ftpfolder\ftproot\userB"

6.On C:\ftpfolder\ftproot\userA,
right click > properties > security >
Deny "FTPUsers" all rights.
Add user "A" and give him permissions

7.On C:\ftpfolder\ftproot\userB,
right click > properties > security >
Deny "FTPUsers" all rights.
Add user "B" and give him permissions

Q1 - is this generally correct? (1-4 is for security)
Q2 - in my case user "A" go directly to his/her folder, but user "B"
browse the ftprootfolder and is only access denied when he wants to go
in a folder that is listed but he has no rights on.
Q3 - Other strange things were basicly that the user that have a folder
name exactly as his username he goes directly to it and cant see the
ftproot folder. When user with same setup but without a foldername like
his username ftp, he list all the folders but he cant access them. When
I rename a the folder that was the same as username, that same user
still goes directly to that folder - ???? I just can see the commen
thing here.

Thanks, gert

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Relevant Pages

  • Re: SBS 2003 folder redirection, offline files, ..and more
    ... you log into a shared PC with admin rights and go to Windows Explorer Folder ... documents are redirected to the server. ... without redirection, they wouldn't have been. ...
    (microsoft.public.windows.server.sbs)
  • Re: Permissions causing printing problem
    ... I think the gotcha is when the Create folder, ... This posting is provided "AS IS" with no warranties, and confers no rights. ... Are you talking> about perms on the PC or on the Server? ... >>Windows Printing Team ...
    (microsoft.public.win2000.printing)
  • Re: User access to view open files in computer management
    ... Sorry, but I don't know, how can I give user rights to shared folders, open ... etc entry in computer management? ... You'll have to run the batch file as a scheduled task (on the server), ... you have a folder off the root on the server called DATA. ...
    (microsoft.public.windows.server.general)
  • Re: Help!!!
    ... The C:\WINNT folder is the old name. ... involoved (Setup Launch, Cluster, and SQL Service accounts. ... Microsoft SQL Server MVP ... > Remote process exit code was '0'. ...
    (microsoft.public.sqlserver.clustering)
  • Re: Checking if outlook has been setup with a server, and if email
    ... Outlook with no server setup, just a personal folder file and address book, ...
    (microsoft.public.fox.programmer.exchange)