<apollosmith@gmail.com> wrote in message
news:1154070138.362142.181220@75g2000cwc.googlegroups.com...
>I have an IIS 6 FTP site. I have A LOT of virtual directories set up,
> one for each web site I'm administering. I want user1 to access Site1
> and Site2, but not Site3. I want user2 to be able to access Site2 and
> Site3, but not Site1.
>
> I've added user1 and user2 as users and added them to an FTPAccounts
> group. They are not a part of any other group and no other settings
> have been set on these accounts.
>
> In my Default FTP Site Properties, I checked Read access, but not
> write. My home directory is C:/ftproot/. I had to set NTFS permissions
> for the FTPAccounts group for this directory to Read and List,
> otherwise the user received a "home directory unavailable" message.
>
> Once this is set, the user has free reign to read/write to any sites on
> the server, even though no other permissions have been given. This
> applies even when the virtual directory points to a directory that is
> not below the C:/ftproot/ directory.
>
> So, if I set individual permissions for the FTPAccounts group or User1
> to DENY all rights for a site, the user cannot access or change ANY of
> the sites. If I set Read/Write NTFS permissions for one of the sites,
> the user can Read/Write ALL of the sites, even if the other site still
> has specific DENY settings on it for that user or group. If I set BOTH
> User1 and FTPAccounts settings to DENY everything for one site and
> Read/Write for another site, the user can't make changes, but can still
> read and browse ANY of the sites. Changing the Read/Write permissions
> for the virtual directory in the IIS manager works, but it applies to
> all users thus removing the ability to set user specific permissions.
>
> I've deleted and recreated accounts, reset permissions, restarted, and
> now have grey hair.
>
> It's all or nothing and I'm about to install Linux! Help!
>