Re: Additional Restrictions - option

From: BB (Bernard_at_3exp.com)
Date: 04/11/03 

From: "BB" <Bernard_at_3exp.com>
Date: Fri, 11 Apr 2003 17:19:41 +0800

directoryA or userA ?
userA >> c:\userA

try again ... 

-- 
Regards,
Bernard Cheah
http://support.microsoft.com/
"bimosekin" <bimosekin@hotmail.com> wrote in message
news:00d001c30002$c119e460$3001280a@phx.gbl...
> The home directories will be inform of:
>
> userA >> c:\directoryA
> userB >> c:\directoryB
> userC >> c:\directoryC
> anonymous >> c:\inetput\ftproot
>
> Users A - C have their respective virtual directories
> configured under the default FTP Site.  What happen at
> present is when they use "ftp.exe", it goes straight to
> the c:\inetpub\ftproot.  I woull like this to go to
> respective directory depending on which user login.
>
> Regards,
> bimosekin
>
> >-----Original Message-----
> >Where do the user be place then ?
> >ftproot ? any error msgs ?
> >
> >is the ftproot permission same as the
> >physical folder redirect root folder ?
> >
> >
> >-- 
> >Regards,
> >Bernard Cheah
> >http://support.microsoft.com/
> >
> >
> >"bimosekin" <bimosekin@hotmail.com> wrote in message
> >news:059301c2ff64$56d11270$a501280a@phx.gbl...
> >> BB,
> >>
> >> coming back on this subject.  How can I configure
> >> different directory entry point on user's basis.  I
> have
> >> already created different virtual directories and
> >> respective users having NTFS permission. so I will like
> >> their login to go to their respective directory in case
> >> they did not indicate any at login, especially when
> they
> >> are using ftp.exe client.
> >>
> >> bimosekin
> >>
> >> >-----Original Message-----
> >> >My guess the default-ftp directory serve as
> >> >the entry point..
> >> >
> >> >filemon will show you this as well.
> >> >
> >> >
> >> >-- 
> >> >Regards,
> >> >Bernard Cheah
> >> >http://support.microsoft.com/
> >> >
> >> >
> >> >"bimosekin" <bimosekin@hotmail.com> wrote in message
> >> >news:000201c2fa03$b0bdf480$a401280a@phx.gbl...
> >> >> Thanks, I will try this to really get the glimps of
> >> >> filemon.  However, I have located the problem. The
> user
> >> do
> >> >> have appropriate permission to its FTP-directory,
> but do
> >> >> not have any on the default-FTP directory.  The
> funny
> >> >> thing however is that both directory are
> independent of
> >> >> each other.
> >> >>
> >> >> Rgds.
> >> >> >-----Original Message-----
> >> >> >I'm sure when you do a 'CD' it will show
> >> >> >the directory you are using by ftp.exe
> >> >> >and the status is either success, denied or not
> found
> >> >> >and etc.
> >> >> >
> >> >> >you should run filemon on the ftp server. then ftp
> >> >> >locally or from remote server.
> >> >> >
> >> >> >
> >> >> >-- 
> >> >> >Regards,
> >> >> >Bernard Cheah
> >> >> >http://support.microsoft.com/
> >> >> >
> >> >> >
> >> >> >"bimosekin" <bimosekin@hotmail.com> wrote in
> message
> >> >> >news:06d601c2f861$de481fa0$a301280a@phx.gbl...
> >> >> >> Thanks for the patience, however, filemon does
> not
> >> >> report
> >> >> >> anything about the logins and subsequet
> commands.  It
> >> >> >> only logs the "open" and "bye" command, anything
> in
> >> >> >> between is notlogged.
> >> >> >>
> >> >> >> >-----Original Message-----
> >> >> >> >IIS FTP only support anonymous and basic. No
> windows
> >> >> >> integrated.
> >> >> >> >The things I'm wondering is when you set the
> >> additional
> >> >> >> anonymous
> >> >> >> >settings, some user works while some are not.
> if it
> >> >> >> works, meaning
> >> >> >> >the 'some other users' have some permission and
> >> rights
> >> >> >> issue.
> >> >> >> >
> >> >> >> >You should try the filemon utility, it will
> shows
> >> you
> >> >> >> related
> >> >> >> >access issues.
> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> >-- 
> >> >> >> >Regards,
> >> >> >> >Bernard Cheah
> >> >> >> >http://support.microsoft.com/
> >> >> >> >
> >> >> >> >
> >> >> >> >"bimosekin" <bimosekin@hotmail.com> wrote in
> message
> >> >> >> >news:03ef01c2f792$f0ae8410$a601280a@phx.gbl...
> >> >> >> >> BB,
> >> >> >> >>
> >> >> >> >> Thanks.  The "users" group already have the
> >> >> permission
> >> >> >> >> mentioned in the KB: "Log on Locally" and
> Access
> >> this
> >> >> >> >> computer from the netwrok", and all the
> >> user_accounts
> >> >> >> are
> >> >> >> >> in this group.  The FTP is configured for both
> >> >> >> Anonymous
> >> >> >> >> and Windows integrated.
> >> >> >> >>
> >> >> >> >> I have anyway decided to do away with
> >> the "Additional
> >> >> >> >> Restrictions for Anonymous Connections"
> option.
> >> The
> >> >> >> most
> >> >> >> >> funny thing now is that the problem still
> persist,
> >> >> >> which
> >> >> >> >> was not the case before.
> >> >> >> >>
> >> >> >> >> I no longer Know what exactly is going on.
> >> >> >> >>
> >> >> >> >> bimoseekin
> >> >> >> >>
> >> >> >> >>
> >> >> >> >> >-----Original Message-----
> >> >> >> >> >Try
> >> >> >> >> >http://support.microsoft.com/?id=200475
> >> >> >> >> >
> >> >> >> >> >if no luck, get filemon from
> sysinternals.com,
> >> >> >> >> >run it, then try to access, look for 'access
> >> denied'
> >> >> >> >> >entry, then granted related rights.
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >-- 
> >> >> >> >> >Regards,
> >> >> >> >> >Bernard Cheah
> >> >> >> >> >http://support.microsoft.com/
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >"bimosekin" <bimosekin@hotmail.com> wrote in
> >> message
> >> >> >> >> >news:029001c2f750$169b0e20
> $a101280a@phx.gbl...
> >> >> >> >> >> Bernard,
> >> >> >> >> >>
> >> >> >> >> >> Yes, the error msgs is 530 "User cannot
> log in,
> >> >> home
> >> >> >> >> >> directory inaccessible. Login failed"
> >> >> >> >> >>
> >> >> >> >> >> This could not be the case since the user
> is
> >> in a
> >> >> >> group
> >> >> >> >> >> that has the same access and permissions,
> and
> >> >> there
> >> >> >> is
> >> >> >> >> no
> >> >> >> >> >> where anyone is denied access.
> >> >> >> >> >>
> >> >> >> >> >> What steps should I take to rectify this?
> >> >> >> >> >>
> >> >> >> >> >> Thanks,
> >> >> >> >> >> bimosekin
> >> >> >> >> >>
> >> >> >> >> >> >-----Original Message-----
> >> >> >> >> >> >What will be the error msgs ? 530 ?
> >> >> >> >> >> >have you try using ftp.exe and login as
> >> >> >> >> >> >that user at that workstation ?
> >> >> >> >> >> >
> >> >> >> >> >> >
> >> >> >> >> >> >-- 
> >> >> >> >> >> >Regards,
> >> >> >> >> >> >Bernard Cheah
> >> >> >> >> >> >http://support.microsoft.com/
> >> >> >> >> >> >
> >> >> >> >> >> >
> >> >> >> >> >> >"bimosekin" <bimosekin@hotmail.com> wrote
> in
> >> >> >> message
> >> >> >> >> >> >news:046d01c2f553$0284bf20
> $2f01280a@phx.gbl...
> >> >> >> >> >> >> In trying to harden security on our
> >> >> W2K/IIS5.1, I
> >> >> >> >> >> enable
> >> >> >> >> >> >> the enabled the "Additional
> Restrictions for
> >> >> >> >> Anonymous
> >> >> >> >> >> >> Connections" by setting the option
> to "2 -
> >> No
> >> >> >> access
> >> >> >> >> >> >> without explicit anonymous permission,
> on
> >> >> >> the "local
> >> >> >> >> >> >> security" configuration.
> >> >> >> >> >> >>
> >> >> >> >> >> >> This is working fine, however, I have
> some
> >> >> users'
> >> >> >> >> >> account
> >> >> >> >> >> >> on the system who connect through FTP.
> The
> >> >> funny
> >> >> >> >> >> thing is
> >> >> >> >> >> >> that some succeeds while some fails,
> even
> >> when
> >> >> >> they
> >> >> >> >> >> are in
> >> >> >> >> >> >> the same group.  These users' have
> >> appropriate
> >> >> >> NTFS
> >> >> >> >> >> >> permission on their respective FTP
> folder.
> >> They
> >> >> >> can
> >> >> >> >> >> >> connect again once I reset this option
> >> >> to "0".  I
> >> >> >> >> have
> >> >> >> >> >> >> make sure that "everyone" do not have
> denied
> >> >> >> >> permission
> >> >> >> >> >> >> anywhere, and there is no where the
> failing
> >> >> >> users'
> >> >> >> >> have
> >> >> >> >> >> >> restriction permission on their
> respective
> >> >> >> folder.
> >> >> >> >> >> >>
> >> >> >> >> >> >> Where should I check again?
> >> >> >> >> >> >
> >> >> >> >> >> >
> >> >> >> >> >> >.
> >> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> >.
> >> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >> >.
> >> >> >> >
> >> >> >
> >> >> >
> >> >> >.
> >> >> >
> >> >
> >> >
> >> >.
> >> >
> >
> >
> >.
> >

Relevant Pages

  • Re: NTFS permission
    ... I have checked the effective permission and userA indeed has only read rights to the folder. ... I then created another folder named test2 under test folderand set modify rights for userA to it. ...
    (microsoft.public.windowsxp.general)
  • RE: sid question
    ... Do you mean that when you migrate a user (for example: UserA) to the target ... has the permission to access the share folder Doc on a server in the source ... target domain should also don't have the permission to access the resource. ...
    (microsoft.public.windows.server.migration)
  • Re: security concerns for PHP on win2k
    ... If userA knows where UserB is hosting his adult site with a members dir, ... > I have Apache with PHP running on a win2k box. ... > his public_html folder he can use windows security to grant the apache ...
    (alt.php)
  • Re: Delete Shared Task
    ... Otherwise in Outlook 2003 the Navigation Pane stuff is stored in an XML file based on the Outlook profile name plus some random stuff stored in a hidden message in the hidden Common Views folder. ... UserA can delete UserB's tasks. ... However, if UserA creates a new task and assigns it to UserB, the task now changes it's properties somehow into a quasi email item and UserA cannot delete that task from UserB. ...
    (microsoft.public.outlook.program_vba)
  • Re: How to stop sychronize others files
    ... Sounds like UserA still has an account on the machine and that he still has the Offline Files option enabled. ... He has setup a folder XXX that sychronize with the folder sss1 in the file server. ... Then recently UserA bought a new laptop and give its old one to userB. ...
    (microsoft.public.windowsxp.general)
Quantcast