Re: IIS Permissions and NTFS

From: Jeff Cochran (jcochran.nospam_at_naplesgov.com)
Date: 02/18/04


Date: Wed, 18 Feb 2004 21:17:59 GMT

On Wed, 18 Feb 2004 12:00:15 -0800, "Shirley Meeks"
<smeeks@comnet-llc.com> wrote:

>I'm using Win2K Server. Do they need to logon local onto
>the Active Directory Server? I've already given them
>logon locally rights to the ftp server.

Logon locally to the FTP server. But I spy another issue I glossed
over. Your virtual directory is using "Connect As" to connect to the
other server, meaning the user login isn't used to reach the user's
home directories, the domain login is. Have you tried using the
domain account as the FTP account and not a local account?

Jeff

>>-----Original Message-----
>>On Tue, 17 Feb 2004 16:56:09 -0800, "Shirley Meeks"
>><smeeks@comnet-llc.com> wrote:
>>
>>>Scenario:
>>>Domain Controller - JUPITER
>>>Domain Name - MICH
>>>FTP Server - MARS
>>>Each client has their own username. For this example
>will
>>>use client "abcd"
>>>
>>>FTP Site Home Directory points to c:\ftp\clients
>>>
>>>Virtual Directory points to \\JUPITER\CLIENTS\abcd
>>>and "Connect As" is MICH\abcd with client password.
>>>
>>>I have created local accounts on MARS and active
>>>directory accounts on JUPITER for each client name.
>>>"Allow anonymous connection" has been disabled.
>>>
>>>
>>>Each client has exclusive rights to their directory on
>>>Jupiter with full control. Each client is a member of
>a
>>>group called ftpusers in the Active Directory. The
>>>ftpusers group has READ and WRITE permission on the
>share
>>>\\JUPITER\CLIENTS. Each user has read rights to
>>>C:\FTP\CLIENTS on the MARS server.
>>>
>>>Whenever a user tries to access the ftp, they receive
>>>error message "home directory is inaccessible".
>>>
>>>Any ideas on what is wrong?
>>
>>First guess is they don't have the Log On Locally
>right. Second guess
>>would depend on the operating system you're on, and if
>Server 2003,
>>the isolation mode you chose.
>>
>>Jeff
>>.
>>



Relevant Pages

  • Re: Phishing Attempt
    ... Confusion - above you say the script was in the home directory, ... was connecting to the ftp server on 58.105.225.59 using the same account ... remarks: This object can only be updated by APNIC hostmasters. ...
    (comp.os.linux.security)
  • Re: FTP long on
    ... I created a FTP server. ... > When user login with local account, ...
    (microsoft.public.inetserver.iis.security)
  • Re: Granting domain accounts access to a workgroup resource
    ... rights] it but instead use a local administrator account or regular domain ... domain users any access to the server. ... I am in the process of installing an FTP server in our organization ...
    (microsoft.public.windows.server.security)
  • RE: FTP server
    ... Then to bind user to his home directory ... the FTP server and service so I can change the permissions of a subfolder ... I want my friends account to access /var/www/pectaybte to ... unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe ...
    (RedHat)
  • FTP long on
    ... I created a FTP server. ... When user login with local account, ...
    (microsoft.public.inetserver.iis.security)