IIS 5 & IIS 6
FTP access rights problem
Last post Mar 18, 2008 09:50 PM by qbernard
Mar 17, 2008 11:03 PM|sanjaypsachdev|LINK
i am working at a university in texas as admin. My problem is as follows :
we basically have a setup for creating course accounts for students on a server. It includes FTP acces to there respective folder on the server to the students. The students have an account on the domain controller. The server which houses the FTP server
has the following : Win2003 server, IIS 6.0. The problem here is that when am trying to access a folder through FTP (student course account), i am able to access the folder with the username and password of any user, provided the student has an account on
the domain controller. But, only the student to whom the folder belongs to, should get the access and not any user. The partition used in NTFS. And each student folder has been given access to his respective folder by adding the students account to the folder
secutity permissions. I tried re-creating the complete FTP website, by selecting the 'Isolate Users' option inside the FTP website creation options, but in this case i am locked in the sence i can create folder for users only inside the FTP root and not anywhere
else. Besides the name of the fodler needs to be same as the name of the students, which is not the case in case of our existing folder setup here.
I have theis functionality working on oneof our other servers. On this server, each user is able to access only his own folder or folders inside the FTP, and the folders are not inside the FTP root. Again the partition is NTFS and each user has been added
to the folder - security permissions.I tried copying the FTP server contents from the IIS metabase.xml file from this server to the other server on which i amhaving problems, but even that did'nt help.
Please, do let me know if anyone knows anything about this FTP issue. i'll be realy thankfull !!
Mar 18, 2008 12:31 AM|qbernard|LINK
That's user isolation is all about. it will lock down the user to the home path. and I think this will fit your requirement. so
1) Setup user isolation... if you can't make the folder same name. then try create a virtual directory and point it to the folder
2) For common/share folder, create another virtual directory and link it there. user will have to navigate to the folder blindly or manually. e.g. cd myvdir to access it. For access control, do it at the physical folder/file NTFS level.
Mar 18, 2008 08:21 PM|sanjaypsachdev|LINK
If i create the FTP site using the 'user isolation' mode, i can only create the folder inside a the FTP root, and besides the name of the folder needs to be the same as the user...but my issue is my dorectories are spread across everywhere but not the ftproot...how
can i make virtual directories to point to these different locations...and besides each user will have multiple folders (i.e. virtual directories)...each folder will be a sub-folder of a course specific parent folder, as i am creating FTPa accounts for course
specific contents in a university...when a student logs in, he should be taken to the ftproot, and from there he can do a CD and browse to the folder he wants to goto...
Please do let me know if anyone knows anything abt this...need help real bad...
Mar 18, 2008 09:50 PM|qbernard|LINK
1) Again, just setup in isolation mode, setup the vdir - as your username and map it to the physical folder. when user logged in, he/she will be redirected to the home folder. if the user need to access other folder, vdir is the only. create the vdir in
root level, user will be able to access it.