Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
inet
active_desktop
active_scrptng
asp.components
asp.db
asp.general
comctl32
comp.packaging
components.dev
dbweb
dhtml_editing
docobjects
html_authoring
html_objmodel
iis
iis.ftp
iis.security
iis.smtp_nntp
indexserver
misc
mshtml_hosting
scripting.jscript
scripting.vbscript
sdk_setup
shell_objmodel
urlmonikers
webbrowser_ctl
wininet
  
 
date: Sun, 22 Jun 2008 21:57:26 -0700 (PDT),    group: microsoft.public.inetserver.iis.ftp        back       


FTP access issues from other browsers    
Hi ,
I have a Windows Server 2003 R2 Enterprise box which is an ADC and
runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to
protect
the FTP as well provide Web Proxy services. My FTP site is running
quite nicely though I've heard the above mentioned setup is not good
and can cause lots  of unexplained problems.

I have set up the FTPROOT directory to one of the partitions and what
I have done to authenticate FTP users is this

1. I Created an OU called FTP accounts on the ADC and then create
normal user accounts .
2.I Create FTP folders with the name of the client as the folder
name .the same folder name is used to create the user account in the
OU FTP accounts.
3. Once the user accounts have been created, i then proceed to set
permissions on the individual folders inside the FTP root.
eg- Suppose client is Siemens. so the FTP user account would be
siemens. The new folder inside the FTP root directoy would also be
siemens and then I proceed to give Domain\siemens Read\Write\Modify
permissions to the siemens folder.
I also deny permission to delete the folder,change user permissions
or
take ownership.

this done when the user ftp's into the FTP site through IE 6 and
authenticates ,it takes him directly to the correct folder ,leading
the user to think he is at the home folder. He cannot traverse up as
only the required folder is being shown .

My real issue is that when the user FTP's in from
Mozilla,Opera ,Safari,Unix or even IE7 or IE8 ,it takes him to the
FTPROOT directory!!, in my case E: .

This shows him all the other folder names and lets him see al the
other FTP folders and since our company has rival companies as
clientswho think they are the only ones whom we do business with,it's
a real business killer!!!

Is this because I have allowed the user group  EVERYONE to list
folder
contents at the FTP root directory( E:) . Is there any way to limit
the view of the FTP clients to just their folder.
      When I removed the everyone -list folder contents from the
root,then nobody was able to log in to the FTP site.

Also is IIS Lockdown tool good for my FTP site?
Please help guys!!!
date: Sun, 22 Jun 2008 21:57:26 -0700 (PDT)   author:   nandagopalrvarma

Re: FTP access issues from other browsers    
for IE 7 and 8, this is due to IE behavior changed, nothing on IIS site. 
refer
http://msmvps.com/blogs/bernard/archive/2007/10/08/iis-ftp-and-ie-7-no-user-folder-redirection.aspx

IIS5/6 lockdown tool is specific for web, not much for ftp. just ensure you 
have proper NTFS permissions in place, and have vpn or secure network for 
ftp communication since ftp is using plain/bin text for data transmission.

-- 
Regards,
Bernard Cheah
http://www.iis.net/
http://msmvps.com/blogs/bernard/


"nandagopalrvarma"  wrote in message 
news:f7ba235d-5604-42d8-a334-9b1c719cb70d@i36g2000prf.googlegroups.com...
> Hi ,
> I have a Windows Server 2003 R2 Enterprise box which is an ADC and
> runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to
> protect
> the FTP as well provide Web Proxy services. My FTP site is running
> quite nicely though I've heard the above mentioned setup is not good
> and can cause lots  of unexplained problems.
>
> I have set up the FTPROOT directory to one of the partitions and what
> I have done to authenticate FTP users is this
>
> 1. I Created an OU called FTP accounts on the ADC and then create
> normal user accounts .
> 2.I Create FTP folders with the name of the client as the folder
> name .the same folder name is used to create the user account in the
> OU FTP accounts.
> 3. Once the user accounts have been created, i then proceed to set
> permissions on the individual folders inside the FTP root.
> eg- Suppose client is Siemens. so the FTP user account would be
> siemens. The new folder inside the FTP root directoy would also be
> siemens and then I proceed to give Domain\siemens Read\Write\Modify
> permissions to the siemens folder.
> I also deny permission to delete the folder,change user permissions
> or
> take ownership.
>
> this done when the user ftp's into the FTP site through IE 6 and
> authenticates ,it takes him directly to the correct folder ,leading
> the user to think he is at the home folder. He cannot traverse up as
> only the required folder is being shown .
>
> My real issue is that when the user FTP's in from
> Mozilla,Opera ,Safari,Unix or even IE7 or IE8 ,it takes him to the
> FTPROOT directory!!, in my case E: .
>
> This shows him all the other folder names and lets him see al the
> other FTP folders and since our company has rival companies as
> clientswho think they are the only ones whom we do business with,it's
> a real business killer!!!
>
> Is this because I have allowed the user group  EVERYONE to list
> folder
> contents at the FTP root directory( E:) . Is there any way to limit
> the view of the FTP clients to just their folder.
>      When I removed the everyone -list folder contents from the
> root,then nobody was able to log in to the FTP site.
>
> Also is IIS Lockdown tool good for my FTP site?
> Please help guys!!!
date: Mon, 30 Jun 2008 15:37:57 +0800   author:   Bernard Cheah [MVP] uss

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us