Re: IIS 5, FTP, Different access permissions for different users
From: BB (Bernard_at_3exp.com)
Date: 03/25/03
- Next message: BB: "Re: Too Much Traffic - IIS4/NT4"
- Previous message: Kyle Lai: "Re: Article on WebDAV Vulnerability (MS03-007)"
- In reply to: Dave Elliott: "IIS 5, FTP, Different access permissions for different users"
- Next in thread: David Elliott: "Re: IIS 5, FTP, Different access permissions for different users"
- Reply: David Elliott: "Re: IIS 5, FTP, Different access permissions for different users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "BB" <Bernard_at_3exp.com> Date: Tue, 25 Mar 2003 10:03:08 +0800
Don't quite get you, you have 2 folders
outgoing and incoming -> anonymous access -> ftp://aa.com
now you want to create virtual directory
namely intftp -> 'incoming', right ?
anonymous shouldn't able to 'cd inftp' because it's restricted.
but user still able to go to 'incoming' rights ?
I guess it's configuration issue, list down your setup and
your requirements and what you had tried.
some useful kb for your reference
HOW TO: Limit FTP Access in Windows 2000
http://support.microsoft.com/?id=318712
HOW TO: Create a Secure FTP Directory that Uses Password Authentication
http://support.microsoft.com/?id=239120
How To Set Up an FTP Site So That Users Log Onto Their Folders
http://support.microsoft.com/?id=201771
Err Msg: 530 User <Username> Cannot Log In. Login Failed.
http://support.microsoft.com/?id=200475
-- Regards, Bernard Cheah http://support.microsoft.com/ "Dave Elliott" <David.elliott@lifeway.com> wrote in message news:326301c2f253$8fc11bc0$a401280a@phx.gbl... > I am trying to allow anonymous users to our FTP site to > Read-only from Outgoing folder and Write-only to Incoming > folder. > > I want internal users (IP addresses 172.16.0.0) to be able > to logon using a userid and account to Read from Incoming > folder and write to outgoing folder. > > I set NTFS permissions on the folders to give desired > access and that works. > > My problem is in enforcing the IP restriction. > > ATTEMPT #1 > I created a Virtual directory pointing to same path as > anonymous site E:\inetpub\ftproot and named it intFTP (so > users could login as "intFTP") and set the Directory > Security tab to deny all except IPs in 172.16.0.0 subnet. > >>That didn't work. Internet users who log in as intftp > still have access to the folders I only want internal > users to have. > > ATTEMPT #2 > I created an additional Virtual site. Default FTP site > supports anonymous access and other authenticated users > who access other folders not in the inetpub\ftproot path > and new Virtual site with different IP address for my > internal (announced on internal DNS only). I deleted the > intFTP virtual directory from defaulat FTP site and > created intFtp virtual directory in the new FTP site (with > same IP restrictions). > >>> I was surprized to find that I could login to Default > FTP site using intFTP userid eventhough the intFTP virtual > directory had been deleted from Defualt FTP Site and now > only existed under new FTP site (different IP address). > > How can I ensure that users can only login to the new FTP > site with the intFTP user account since both FTP sites are > on same machine? NOTE: The FTP server is configured to > use domain authentication (msftpsvc/DefaultLogonDomain = > domainname) rather than local accounts.
- Next message: BB: "Re: Too Much Traffic - IIS4/NT4"
- Previous message: Kyle Lai: "Re: Article on WebDAV Vulnerability (MS03-007)"
- In reply to: Dave Elliott: "IIS 5, FTP, Different access permissions for different users"
- Next in thread: David Elliott: "Re: IIS 5, FTP, Different access permissions for different users"
- Reply: David Elliott: "Re: IIS 5, FTP, Different access permissions for different users"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
