Re: FTP User Isolation Mode Questions
From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 02/01/05
- Next message: Bernard: "Re: IIS FTP server: 530 Login failed"
- Previous message: Bernard: "Re: script to create users"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 1 Feb 2005 15:36:41 +0800
1) Is there a way to turn off write access for anonymous users only, without
switching to an Active Directory setup?
Yes, anonymous user will be redirect to /public folder. just make sure iusr
account doesn't have WRITE NTFS permission.
2) is it possible to get the FTP service to follow shortcuts used as home
directories or placed on the root of a physical home directory? The service
> does not resolve shortcuts, rather, displays them as binary .lnk files.
.lnk file does not apply to ftp world :( you can use virtual directory to
have a common share path, it can be located either in or outside of the
ftproot path
3) what is the minimum permission needed to grant a user access to their
home directory? Some experimentation has shed some light on this > question,
however, I was hoping there is some Microsoft KB article or reference that
states explicitly what permissions are needed so I can lockdown directories
and files in the most secure fashion
Basically, in my setup. only required users and system account have access
to the permission. Admin have READ access only, if admin are requested to
help remove some files, the write permission only granted at that time. rule
of thumb is always grant the minimum permissions, only grant more when
needed.
-- Regards, Bernard Cheah http://www.tryiis.com/ http://support.microsoft.com/ http://www.msmvps.com/bernard/ "Harry" <robinsoh@vu.union.edu> wrote in message news:%23ITqdGk$EHA.3820@TK2MSFTNGP11.phx.gbl... >I have a few questions regarding the new FTP user isolation modes >introduced > in Windows 2003 Server / IIS 6, specifically with the "Isolate users" > mode, > rather then the "Isolate users using Active Directory" mode. > > I would like to set up anonymous access on my FTP site, however, I do not > wish anonymous users to have upload permission. If I disable write access > on > the FTP site's properties window, I can achieve this goal but, it also > disables write access for all authenticated users. Is there a way to turn > off write access for anonymous users only, without switching to an Active > Directory setup? > > Also, is it possible to get the FTP service to follow shortcuts used as > home > directories or placed on the root of a physical home directory? The > service > does not resolve shortcuts, rather, displays them as binary .lnk files. > > Lastly, what is the minimum permission needed to grant a user access to > their home directory? Some experimentation has shed some light on this > question, however, I was hoping there is some Microsoft KB article or > reference that states explicitly what permissions are needed so I can > lockdown directories and files in the most secure fashion. > > - Harry > >
- Next message: Bernard: "Re: IIS FTP server: 530 Login failed"
- Previous message: Bernard: "Re: script to create users"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
