IIS - Microsoft Internet Information Services

HomeForumsIIS 7.0IIS7 - Publishingftp permssions on subdirectories

Previous Next

Thread: ftp permssions on subdirectories

Last post 05-01-2008 12:02 AM by steve schofield. 3 replies.

Average Rating Rate It (5)

RSS

Page 1 of 1 (4 items)

Sort Posts:

  • 04-29-2008, 1:46 PM

    • e1ny
    • Top 25 Contributor
    • Joined on 12-10-2007, 9:50 PM
    • Posts 114

    ftp permssions on subdirectories

    Reply Contact

    Hi: I created a website on IIS7 and added FTP to the website with basic auth and ssl optional.

    When users connect, they're able to list the top level directory, but if they try to navigate to any subfolders, they get "550 access denied"?

  • 04-30-2008, 1:49 PM In reply to

    Re: ftp permssions on subdirectories

    Reply Contact

    NTFS permissions, IIS user permissions.

    Jeff

    Look for Wrox's new book Professional IIS 7 in your local bookstore, or order now at Amazon.com

  • 04-30-2008, 2:21 PM In reply to

    • e1ny
    • Top 25 Contributor
    • Joined on 12-10-2007, 9:50 PM
    • Posts 114

    Re: ftp permssions on subdirectories

    Reply Contact

    jeff@zina.com:

    NTFS permissions, IIS user permissions.

    Jeff

    You are a man of few words, Jeff <g>

    Please allow me to clarify...the website has regular anonymous permissions on the subdirectories, and they can be navigated by the IUSR in a browser. All I did was install ftp on the website with basic authentication selected and anonymous disallowed.

    So if you connect with an FTP client with a valid user/password, you can list the top-level directory, but that fails on any subdirectory. This is an NTFS permissions issue, yes?

    I'm not sure I understand, when basic auth is selected, which account FTP is using to access the website? Is it the Network Service or the user account? And why wouldn't the ACLs propagate to the website as a whole when FTP is installed?

  • 05-01-2008, 12:02 AM In reply to

    Re: ftp permssions on subdirectories

    Reply Contact

    Enable auditing on object access or run filemon (process monitor) to see what is being denied.  If the 'root' folder security hasn't been pushed down to sub-folders, then the 550 denied would make sense.  This post has links to procmon and how to enable auditing.

    http://weblogs.asp.net/steveschofield/archive/2008/03/07/detecting-permission-issues-using-auditing-and-process-monitor.aspx

    Steve Schofield
    Windows Server MVP - IIS
    http://weblogs.asp.net/steveschofield

    http://www.IISLogs.com
    Log archival solution
    Install, Configure, Forget
Page 1 of 1 (4 items)

Powered by IIS7   Powered by ASP.NET 2.0

Copyright © 2008 Microsoft Corporation. All Rights Reserved. | Terms of Use | Privacy Statement | About our Team
Questions/Problems with www.iis.net? | Interested in Advertising with us? | Hosted by OrcsWeb | Ads served by BanManPro

Page view counter