ftp security with user isolation -- iis ftp

peter
3/15/2006 10:02:29 AM

Hi all: Following scenario:
All users have permissions (read, write, etc) to all user home dirs on ftp
site. They however can see only their own dirs because of user isolation -
that's good. Now I need to have an admin user that can see all of content of
the site. I DO NOT WANT TO CHANGE ANY PERMISSIONS ON ANY USER HOME DIRS.
Changing permissions of localuser dir is fine. How do I go around that?
Creating virtual dir pointing to localuser dir, and allowing only admin to
access that doesn't work, since it gives everybody access: even if they don't
have permission to local user dir, they still can see other users home dirs
by logging directly to that dir. I know this is a tough question, MANY

Bernard Cheah [MVP]
3/16/2006 12:00:00 AM

Even normal user able to see all user folders, with proper NTFS permissions
they won't be able to access excep their own home folder.
Unfortunately the current user isolation is designed in such a way, this is
the only workaround I know.

I don't have a box to test now, see if you can remote the 'list' permission
via this kb.
HOW TO: Create an FTP Folder with Read Access but Not List Access
http://support.microsoft.com/?id=314932

--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/

[quoted text, click to view]

iis ftp : ftp security with user isolation