On Tue, 05 Oct 2004 21:18:19 GMT, alunj@online.microsoft.com ("Alun
[quoted text, click to view] Jones [MSFT]") wrote:
>> From: jeff.nospam@zina.com (Jeff Cochran)
>>
>> On Thu, 30 Sep 2004 10:39:32 -0700, "Olivia Towery"
>> <newsgroups@timwebs.com> wrote:
>>
>> >I have an ftp account to the root folder of the website. User setup to
>> >access via the iis properties and permissions to folder. A second user
>is
>> >setup to view the folder via http - no anonymous access for either. The
>> >second user does not appear in the ftp iis properties, yet that user is
>> >still able to login to the ftp site, but with only read permissions. I
>only
>> >want the second user to be able to login to http NOT ftp. Is this
>possible?
>>
>> Probably not related to FTP, check that the web site doesn't allow
>> anonymous access.
>
>I think what the user is asking is how to prevent users from logging on to
>the FTP server. If users have the appropriate logon privileges, they will
>be able to logon through FTP. In older versions of IIS, the appropriate
>privilege was the "log on locally" right. In IIS 6.0, the privilege is the
>"log on over the network" right.
>
>You might be able to disable access for a specific user by creating a
>virtual directory for their logon directory, and pointing that directory to
>a place where the user has no permissions.
Ah, that makes more sense. But why is the FTP logon pointing them to
the web site root? Unless that's set as the FTP root as well, which I
guess would set up this situation. And you can't deny access without
also blocking access to the web folders. Hmm... Looks like the next
revision of IIS needs a "log on via FTP" privelege. Know anyone we
could pass a feature request to...? :)
