Groups | Blog | Home
all groups > iis ftp > august 2004 >

iis ftp : Windows 2003 FTP rights issue


Salman
8/31/2004 3:35:31 AM
I am running an FTP site from Windows 2003 server. I can
download the data from FTP site fine but when I try to
upload the data, it gives me the error message of
permission.

I would like to setup in a way so anybody can download
the data, but in order to upload the data, you would need
an ID and password.

In the security Accounts tab, I created an FTP user ID.
Option for "Allow anonymous connections" is checked.
Option for "Allow only anonymous connections" is
unchecked.
In Home directory tab, if I uncheck the "Write", then I
can't upload anything regardless of how I log into ftp
site. But if I put a check mark next to "Write", then
all users including Anonymous can write into FTP site
(upload the data).

Any help would be greatly appreciated.
Thank you
alunj NO[at]SPAM online.microsoft.com (
9/1/2004 4:53:28 PM
[quoted text, click to view]

Have you tested this, or is it just something you are guessing?

The check box for "Write" is a global setting for the FTP server - to tell
the FTP server to refuse or allow attempts to write on a global basis. If
the FTP server is going to allow writes, then the file system still gets a
say in whether write attempts are allowed or rejected.

The FTP server cannot overrule NTFS restrictions - if NTFS protections all
say that only members of a particular group may write to a file, then only
members of that group can write to the file, no matter what check boxes you
check in the FTP server. [NTFS would be a pretty poor security measure if
it could be overruled by any application that wanted to!]

Alun.
~~~~
Salman Sheikh
9/2/2004 5:01:39 AM
Thanks Alun. I am actually already running the FTP server. I'll check
the NTFS permissions which may be the reason of this issue. I'll let
you know.
Thank you,
Salman



*** Sent via Developersdex http://www.developersdex.com ***
Salman Sheikh
9/5/2004 12:56:36 AM
Hi,
If I give "Write" access in the FTP site and only give "Read" access to
Everyone and "Anonymous Logon" in FTP folder properties (security tab),
it still lets Anonymous user write.

If I remove "Write" access from ftp site, it does not let anybody write.
Even if admin logs in through the FTP site. It seems like I must be
doing something not right.

Do I have to have the "Write" box checked in the ftp site?
Where exactly do I need to allow access. I checked in "Security" tab of
the ftp folder properties.

Your help will be greatly appreciated.

Thank you,




*** Sent via Developersdex http://www.developersdex.com ***
Bernard
9/6/2004 2:01:41 PM
Add an entry in the folder' NTFS ACL:
deny iusr account WRITE permissions

--
Regards,
Bernard Cheah
http://www.tryiis.com/
http://support.microsoft.com/
http://www.msmvps.com/bernard/



[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.
Don't see what you're looking for? Try a search.
View other messages about iis ftp
AddThis Social Bookmark Button
View Other Months
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
May 2008
June 2008
home · blog · groups Questions? Comments? Contact the dn