Setting up FTP site in Windows 2000 - Windows NT

This is a discussion on Setting up FTP site in Windows 2000 - Windows NT ; Hi, I wish to set up FTP so that a group of users have access to a specific location within my overall FTP site. Lets suppose that I have a directory on my pc called App1 and I have created ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Setting up FTP site in Windows 2000

  1. Setting up FTP site in Windows 2000

    Hi,

    I wish to set up FTP so that a group of users have access to a specific
    location within my overall FTP site. Lets suppose that I have a
    directory on my pc called App1 and I have created a new virtual
    directory in my default FTP site that maps to it (therefore to access
    it I would navigate to ftp://ipaddress/app1). Now consider the user
    group - call it App1FTPUsers. Every member of App1FTPUsers should be
    required to login and have read only rights - i.e. they should only be
    allowed download files and browse certain folders. Individual members
    of App1FTPUsers should only be able to access specific folders, for
    example User1 should only be able to access a directory within App1
    called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should only be
    able to access a directory within App1 called User2 (e.g.
    ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should be
    able to access anywhere outside of ftp://ipaddress/app1. Furthermore, I
    would like to retain the ability for certain other users ouside of the
    App1FTPUsers group (e.g. the local administrator etc.) to write to the
    directories involved.

    Please could somebody help me with the steps I should take to achieve
    this. I have set up the ftp virtual directory but have done nothing
    about the security settings i.e. currently the App1FTPUsers group does
    not exist, I have Allow Anonymous Connections set to true for my FTP
    site, my FTP home directory has Read and Log Visits checkboxes checked
    - Write is unchecked. Everyone has full control on all the folders that
    are mapped to in ftp://ipaddress/app1. I am using Windows 2000 and IIS
    6.0. The FTP server is not a domain controller.

    Thanks,

    Paul


  2. Re: Setting up FTP site in Windows 2000

    FTP permissions work in conjunction with ntfs permissions to restrict or
    allow users or groups access with the most restrictive of the two
    permissions applying. In other words if your FTP site is set to read only
    and a user has write access to a folder, they will not be able to write to
    the folder. When configuring permissions make sure that only the specific
    groups you want to have access are included in the permissions with the
    proper permissions. Do not have everyone or users included for instance if
    you want to restrict a folder to specific groups. If possible, have your ftp
    folders on a different drive partition other than the system drive. Do not
    enable anonymous access unless you want to allow anyone to access your ftp
    server. Keep in mind that for FTP authentication that user credentials are
    sent in clear text. The link below may help. --- Steve

    http://www.microsoft.com/technet/pro...f34fba3e8.mspx

    wrote in message
    news:1113994210.763305.174270@l41g2000cwc.googlegr oups.com...
    > Hi,
    >
    > I wish to set up FTP so that a group of users have access to a specific
    > location within my overall FTP site. Lets suppose that I have a
    > directory on my pc called App1 and I have created a new virtual
    > directory in my default FTP site that maps to it (therefore to access
    > it I would navigate to ftp://ipaddress/app1). Now consider the user
    > group - call it App1FTPUsers. Every member of App1FTPUsers should be
    > required to login and have read only rights - i.e. they should only be
    > allowed download files and browse certain folders. Individual members
    > of App1FTPUsers should only be able to access specific folders, for
    > example User1 should only be able to access a directory within App1
    > called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should only be
    > able to access a directory within App1 called User2 (e.g.
    > ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should be
    > able to access anywhere outside of ftp://ipaddress/app1. Furthermore, I
    > would like to retain the ability for certain other users ouside of the
    > App1FTPUsers group (e.g. the local administrator etc.) to write to the
    > directories involved.
    >
    > Please could somebody help me with the steps I should take to achieve
    > this. I have set up the ftp virtual directory but have done nothing
    > about the security settings i.e. currently the App1FTPUsers group does
    > not exist, I have Allow Anonymous Connections set to true for my FTP
    > site, my FTP home directory has Read and Log Visits checkboxes checked
    > - Write is unchecked. Everyone has full control on all the folders that
    > are mapped to in ftp://ipaddress/app1. I am using Windows 2000 and IIS
    > 6.0. The FTP server is not a domain controller.
    >
    > Thanks,
    >
    > Paul
    >




  3. Re: Setting up FTP site in Windows 2000

    On 20 Apr 2005 03:50:10 -0700, paulsmith5@hotmail.com wrote:

    >Hi,
    >
    >I wish to set up FTP so that a group of users have access to a specific
    >location within my overall FTP site. Lets suppose that I have a
    >directory on my pc called App1 and I have created a new virtual
    >directory in my default FTP site that maps to it (therefore to access
    >it I would navigate to ftp://ipaddress/app1). Now consider the user
    >group - call it App1FTPUsers. Every member of App1FTPUsers should be
    >required to login and have read only rights - i.e. they should only be
    >allowed download files and browse certain folders. Individual members
    >of App1FTPUsers should only be able to access specific folders, for
    >example User1 should only be able to access a directory within App1
    >called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should only be
    >able to access a directory within App1 called User2 (e.g.
    >ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should be
    >able to access anywhere outside of ftp://ipaddress/app1. Furthermore, I
    >would like to retain the ability for certain other users ouside of the
    >App1FTPUsers group (e.g. the local administrator etc.) to write to the
    >directories involved.
    >
    >Please could somebody help me with the steps I should take to achieve
    >this. I have set up the ftp virtual directory but have done nothing
    >about the security settings i.e. currently the App1FTPUsers group does
    >not exist,


    So create the group and add whatever users get access to this section
    to the group.

    >I have Allow Anonymous Connections set to true for my FTP
    >site


    Remove anonymous access.

    >my FTP home directory has Read and Log Visits checkboxes checked
    >- Write is unchecked. Everyone has full control on all the folders that
    >are mapped to in ftp://ipaddress/app1.


    Remove the Everyone group from the folder permissions. Assign only
    the rights specifically needed, in this case Read for the App1FTPUsers
    group. Probably want full permissions for admins as well. These are
    NTFS file/folder permissions, not in the MMC for the FTP site.

    > I am using Windows 2000 and IIS
    >6.0.


    No you're not. W2K has IIS5, IIS6 comes with Server 2003.

    >The FTP server is not a domain controller.


    Doesn't need to be.

    Also see:

    HOW TO: Set Up an FTP Server in Windows 2000
    http://support.microsoft.com/?id=300662

    How To Set Up an FTP Site So That Users Log Onto Their Folders:
    http://support.microsoft.com/default...b;EN-US;201771

    HOW TO: Create a Secure FTP Directory that Uses Password
    Authentication:
    http://support.microsoft.com/?id=239120

    Jeff

  4. Re: Setting up FTP site in Windows 2000

    Hi Steven,

    Thanks for the help. Got it sorted.

    Paul

    Steven L Umbach wrote:
    > FTP permissions work in conjunction with ntfs permissions to restrict

    or
    > allow users or groups access with the most restrictive of the two
    > permissions applying. In other words if your FTP site is set to read

    only
    > and a user has write access to a folder, they will not be able to

    write to
    > the folder. When configuring permissions make sure that only the

    specific
    > groups you want to have access are included in the permissions with

    the
    > proper permissions. Do not have everyone or users included for

    instance if
    > you want to restrict a folder to specific groups. If possible, have

    your ftp
    > folders on a different drive partition other than the system drive.

    Do not
    > enable anonymous access unless you want to allow anyone to access

    your ftp
    > server. Keep in mind that for FTP authentication that user

    credentials are
    > sent in clear text. The link below may help. --- Steve
    >
    >

    http://www.microsoft.com/technet/pro...f34fba3e8.mspx
    >
    > wrote in message
    > news:1113994210.763305.174270@l41g2000cwc.googlegr oups.com...
    > > Hi,
    > >
    > > I wish to set up FTP so that a group of users have access to a

    specific
    > > location within my overall FTP site. Lets suppose that I have a
    > > directory on my pc called App1 and I have created a new virtual
    > > directory in my default FTP site that maps to it (therefore to

    access
    > > it I would navigate to ftp://ipaddress/app1). Now consider the user
    > > group - call it App1FTPUsers. Every member of App1FTPUsers should

    be
    > > required to login and have read only rights - i.e. they should only

    be
    > > allowed download files and browse certain folders. Individual

    members
    > > of App1FTPUsers should only be able to access specific folders, for
    > > example User1 should only be able to access a directory within App1
    > > called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should

    only be
    > > able to access a directory within App1 called User2 (e.g.
    > > ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should

    be
    > > able to access anywhere outside of ftp://ipaddress/app1.

    Furthermore, I
    > > would like to retain the ability for certain other users ouside of

    the
    > > App1FTPUsers group (e.g. the local administrator etc.) to write to

    the
    > > directories involved.
    > >
    > > Please could somebody help me with the steps I should take to

    achieve
    > > this. I have set up the ftp virtual directory but have done nothing
    > > about the security settings i.e. currently the App1FTPUsers group

    does
    > > not exist, I have Allow Anonymous Connections set to true for my

    FTP
    > > site, my FTP home directory has Read and Log Visits checkboxes

    checked
    > > - Write is unchecked. Everyone has full control on all the folders

    that
    > > are mapped to in ftp://ipaddress/app1. I am using Windows 2000 and

    IIS
    > > 6.0. The FTP server is not a domain controller.
    > >
    > > Thanks,
    > >
    > > Paul
    > >



  5. Re: Setting up FTP site in Windows 2000

    Hi Jeff,

    Thanks for the help and links. Got it sorted.

    Paul


  6. Re: Setting up FTP site in Windows 2000

    Your welcome. Glad you are good to go now. --- Steve

    wrote in message
    news:1114167273.051905.253400@f14g2000cwb.googlegr oups.com...
    > Hi Steven,
    >
    > Thanks for the help. Got it sorted.
    >
    > Paul
    >
    > Steven L Umbach wrote:
    >> FTP permissions work in conjunction with ntfs permissions to restrict

    > or
    >> allow users or groups access with the most restrictive of the two
    >> permissions applying. In other words if your FTP site is set to read

    > only
    >> and a user has write access to a folder, they will not be able to

    > write to
    >> the folder. When configuring permissions make sure that only the

    > specific
    >> groups you want to have access are included in the permissions with

    > the
    >> proper permissions. Do not have everyone or users included for

    > instance if
    >> you want to restrict a folder to specific groups. If possible, have

    > your ftp
    >> folders on a different drive partition other than the system drive.

    > Do not
    >> enable anonymous access unless you want to allow anyone to access

    > your ftp
    >> server. Keep in mind that for FTP authentication that user

    > credentials are
    >> sent in clear text. The link below may help. --- Steve
    >>
    >>

    > http://www.microsoft.com/technet/pro...f34fba3e8.mspx
    >>
    >> wrote in message
    >> news:1113994210.763305.174270@l41g2000cwc.googlegr oups.com...
    >> > Hi,
    >> >
    >> > I wish to set up FTP so that a group of users have access to a

    > specific
    >> > location within my overall FTP site. Lets suppose that I have a
    >> > directory on my pc called App1 and I have created a new virtual
    >> > directory in my default FTP site that maps to it (therefore to

    > access
    >> > it I would navigate to ftp://ipaddress/app1). Now consider the user
    >> > group - call it App1FTPUsers. Every member of App1FTPUsers should

    > be
    >> > required to login and have read only rights - i.e. they should only

    > be
    >> > allowed download files and browse certain folders. Individual

    > members
    >> > of App1FTPUsers should only be able to access specific folders, for
    >> > example User1 should only be able to access a directory within App1
    >> > called User1 (e.g. ftp://ipaddress/app1/user1) and User2 should

    > only be
    >> > able to access a directory within App1 called User2 (e.g.
    >> > ftp://ipaddress/app1/user2) etc. No member of App1FTPUsers should

    > be
    >> > able to access anywhere outside of ftp://ipaddress/app1.

    > Furthermore, I
    >> > would like to retain the ability for certain other users ouside of

    > the
    >> > App1FTPUsers group (e.g. the local administrator etc.) to write to

    > the
    >> > directories involved.
    >> >
    >> > Please could somebody help me with the steps I should take to

    > achieve
    >> > this. I have set up the ftp virtual directory but have done nothing
    >> > about the security settings i.e. currently the App1FTPUsers group

    > does
    >> > not exist, I have Allow Anonymous Connections set to true for my

    > FTP
    >> > site, my FTP home directory has Read and Log Visits checkboxes

    > checked
    >> > - Write is unchecked. Everyone has full control on all the folders

    > that
    >> > are mapped to in ftp://ipaddress/app1. I am using Windows 2000 and

    > IIS
    >> > 6.0. The FTP server is not a domain controller.
    >> >
    >> > Thanks,
    >> >
    >> > Paul
    >> >

    >




+ Reply to Thread