Permission problem - All users allowed access under IIS 5.0 -- iis ftp

iis ftp : Permission problem - All users allowed access under IIS 5.0

David
10/12/2004 3:15:03 AM

I have a strange issue here in a DMZ domain with IIS FTP giving access to all
valid domain users, yet anonymous access is disabled and only the local
Administrators group is granted Operator permissions.

On all our other domains this works as expected by denying access until
either the user, or a group they are a member of is added as a domain user.

If I try to logon with an invalid username or an incorrect password it
fails, so it's not totally open, but still worrying.

Also if I secure the directories with NTFS permissions to deny the user
explicitly (or their group) then this works as expected.

Alun Jones [MSFT]
10/12/2004 9:46:11 AM

[quoted text, click to view]

The FTP server will allow you to log on in IIS 5.0 if you have the "Log on
locally" privilege assigned to your account.

Alun.
~~~~

David
10/13/2004 5:37:03 AM

[quoted text, click to view]

Thanks alot, it explains the behaviour we're seeing.

Is there a way to retrict users to access to one ftp site on a machine
hosting many without using NTFS security or is that the only way?

Bernard
10/14/2004 11:48:18 AM

In IIS5.0, not really. maybe you can try IP restriction, but this work on IP
level not user account. hence for now it would be best to control via NTFS.

--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about iis ftp

home · blog · groups

Questions? Comments? Contact the dn