RE: FTP user accounts - Must not list other folders
From: Martin Smith (martinsmonline@microsoft.com)
Date: 08/02/02
- Next message: Scott: "Update CRLs on IIS 5.0"
- Previous message: Paul Lynch: "Re: Windows2000 SP3"
- In reply to: Gert Conradie: "FTP user accounts - Must not list other folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: martinsmonline@microsoft.com (Martin Smith) Date: Fri, 02 Aug 2002 19:12:14 GMT
Hi,
Check out:
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q201771&
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q245048&
Thanks,
Martin
Please do not send email directly to this alias. This is our online account
name for newsgroup participation only.
If you would like to open a support incident with Microsoft, call
1-800-936-5800
This posting is provided “AS IS” with no warranties, and confers no rights.
You assume all risk for your use. © 2001 Microsoft Corporation. All rights
reserved.
----------------------------------------------------------------------------
----------------------------------------------------------------------
From: Gert Conradie <grc@iafrica.com>
X-Newsreader: AspNNTP 1.50 (ActionJackson.com)
Subject: FTP user accounts - Must not list other folders
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <uu9oqFjOCHA.436@tkmsftngp11>
Newsgroups: microsoft.public.inetServer.iis.security
Date: Fri, 02 Aug 2002 07:32:21 -0700
NNTP-Posting-Host: 216.17.146.37
Lines: 1
Path: cpmsftngxa07!tkmsftngxs01!tkmsftngp01!tkmsftngp11
Xref: cpmsftngxa07 microsoft.public.inetserver.iis.security:9034
X-Tomcat-NG: microsoft.public.inetserver.iis.security
Ok Im goning nuts... here is my setup on Win2000 Server, IIS,FTP server
(Questions below steps)
C:\ftpfolder\ftproot\userA
C:\ftpfolder\ftproot\userB
My setup steps was:
1. Creat users A & B and put them both in a group "FTPUsers"
2. On C:\, right click > properties > security > Add group "FTPUsers"
and deny them all rights
3. Created C:\ftpfolder\ftproot, and with IIS manager make that the home
directory for FTP server
4. right click on C:\ftpfolder > properties > security >
Deselect the inheritance of the parent.
Add group "FTPUsers" and give them list/read/write access.
5. This will spawn down the subfolders into
"C:\ftpfolder\ftproot\userA" and
"C:\ftpfolder\ftproot\userB"
6.On C:\ftpfolder\ftproot\userA,
right click > properties > security >
Deny "FTPUsers" all rights.
Add user "A" and give him permissions
7.On C:\ftpfolder\ftproot\userB,
right click > properties > security >
Deny "FTPUsers" all rights.
Add user "B" and give him permissions
Q1 - is this generally correct? (1-4 is for security)
Q2 - in my case user "A" go directly to his/her folder, but user "B"
browse the ftprootfolder and is only access denied when he wants to go
in a folder that is listed but he has no rights on.
Q3 - Other strange things were basicly that the user that have a folder
name exactly as his username he goes directly to it and cant see the
ftproot folder. When user with same setup but without a foldername like
his username ftp, he list all the folders but he cant access them. When
I rename a the folder that was the same as username, that same user
still goes directly to that folder - ???? I just can see the commen
thing here.
Thanks, gert
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
- Next message: Scott: "Update CRLs on IIS 5.0"
- Previous message: Paul Lynch: "Re: Windows2000 SP3"
- In reply to: Gert Conradie: "FTP user accounts - Must not list other folders"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
