Re: Setting up FTP site in Windows 2000

From: Jeff Cochran (
Date: 04/20/05

Date: Wed, 20 Apr 2005 19:28:03 GMT

On 20 Apr 2005 03:50:10 -0700, wrote:

>I wish to set up FTP so that a group of users have access to a specific
>location within my overall FTP site. Lets suppose that I have a
>directory on my pc called App1 and I have created a new virtual
>directory in my default FTP site that maps to it (therefore to access
>it I would navigate to ftp://ipaddress/app1). Now consider the user
>group - call it App1FTPUsers. Every member of App1FTPUsers should be
>required to login and have read only rights - i.e. they should only be
>allowed download files and browse certain folders. Individual members
>of App1FTPUsers should only be able to access specific folders, for
>example User1 should only be able to access a directory within App1
>called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should only be
>able to access a directory within App1 called User2 (e.g.
>ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should be
>able to access anywhere outside of ftp://ipaddress/app1. Furthermore, I
>would like to retain the ability for certain other users ouside of the
>App1FTPUsers group (e.g. the local administrator etc.) to write to the
>directories involved.
>Please could somebody help me with the steps I should take to achieve
>this. I have set up the ftp virtual directory but have done nothing
>about the security settings i.e. currently the App1FTPUsers group does
>not exist,

So create the group and add whatever users get access to this section
to the group.

>I have Allow Anonymous Connections set to true for my FTP

Remove anonymous access.

>my FTP home directory has Read and Log Visits checkboxes checked
>- Write is unchecked. Everyone has full control on all the folders that
>are mapped to in ftp://ipaddress/app1.

Remove the Everyone group from the folder permissions. Assign only
the rights specifically needed, in this case Read for the App1FTPUsers
group. Probably want full permissions for admins as well. These are
NTFS file/folder permissions, not in the MMC for the FTP site.

> I am using Windows 2000 and IIS

No you're not. W2K has IIS5, IIS6 comes with Server 2003.

>The FTP server is not a domain controller.

Doesn't need to be.

Also see:

HOW TO: Set Up an FTP Server in Windows 2000

How To Set Up an FTP Site So That Users Log Onto Their Folders:;EN-US;201771

HOW TO: Create a Secure FTP Directory that Uses Password


Relevant Pages

  • Re: Creating Multiple FTP Users and Containers (2000 Server + IIS)
    ... > IIS Administrator for an FTP site. ... > complete Windows Scripting novice so I'm hoping that I can get some help ... > What I am even more unsure of is scripting the creation of Virtual Folders ... The permissions will need to be set to ...
  • Re: IIS 5, FTP, Different access permissions for different users
    ... namely intftp -> 'incoming', right? ... How To Set Up an FTP Site So That Users Log Onto Their Folders ... > I created a Virtual directory pointing to same path as ...
  • Re: using fp2003 to ftp sites
    ... That is normal when you download from an FTP site. ... The navigation would probably have to be rebuilt regardless. ... The navigation is stored in the local _vti* folders, ...
  • Re: FTP is not there
    ... > I am running XP Pro, ... > (I am at an FTP site when I look for this). ... Internet Explorer 5.x, 6.x: FTP and Web-Based Folders, on this page. ...
  • Re: FTP P
    ... Yes, Bernard I have created a ftp site, I want to my different website users ... The complete error is "530 User solinme cannot log in, ... but I need that the users can't see the folders each others. ... >> Created a Folder, called WebSites ...