Click here to get back home

FTP site on ADC creating problems!!!!
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
FTP site on ADC creating problems!!!! nandagopalrvarma 06-21-2008
Posted by nandagopalrvarma on June 21, 2008, 11:49 am
Please log in for more thread options
 Hi ,
I have a Windows Server 2003 R2 Enterprise box which is an ADC and
runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to protect
the FTP as well provide Web Proxy services. My FTP site is running
quite nicely though I've heard the above mentioned setup is not good
and can cause lots of unexplained problems.

I have set up the FTPROOT directory to one of the partitions and what
I have done to authenticate FTP users is this

1. I Created an OU called FTP accounts on the ADC and then create
normal user accounts .
2.I Create FTP folders with the name of the client as the folder
name .the same folder name is used to create the user account in the
OU FTP accounts.
3. Once the user accounts have been created, i then proceed to set
permissions on the individual folders inside the FTP root.
eg- Suppose client is Siemens. so the FTP user account would be
siemens. The new folder inside the FTP root directoy would also be
siemens and then I proceed to give Domain\siemens Read\Write\Modify
permissions to the siemens folder.
I also deny permission to delete the folder,change user permissions or
take ownership.

this done when the user ftp's into the FTP site through IE 6 and
authenticates ,it takes him directly to the correct folder ,leading
the user to think he is at the home folder. He cannot traverse up as
only the required folder is being shown .

My real issue is that when the user FTP's in from
Mozilla,Opera ,Safari,Unix or even IE7 or IE8 ,it takes him to the
FTPROOT directory!!, in my case E: .

This shows him all the other folder names and lets him see al the
other FTP folders and since our company has rival companies as
clientswho think they are the only ones whom we do business with,it's
a real business killer!!!

Is this because I have allowed the user group EVERYONE to list folder
contents at the FTP root directory( E:) . Is there any way to limit
the view of the FTP clients to just their folder.
When I removed the everyone -list folder contents from the
root,then nobody was able to log in to the FTP site.

Also is IIS Lockdown tool good for my FTP site?
Please help guys!!!




Posted by Meinolf Weber on June 21, 2008, 2:04 pm
Please log in for more thread options
Hello nandagopalrvarma,

Answered to microsoft.public.windows.server.active_directory

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Hi ,
> I have a Windows Server 2003 R2 Enterprise box which is an ADC and
> runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to protect
> the FTP as well provide Web Proxy services. My FTP site is running
> quite nicely though I've heard the above mentioned setup is not good
> and can cause lots of unexplained problems.
> I have set up the FTPROOT directory to one of the partitions and what
> I have done to authenticate FTP users is this
>
> 1. I Created an OU called FTP accounts on the ADC and then create
> normal user accounts .
> 2.I Create FTP folders with the name of the client as the folder
> name .the same folder name is used to create the user account in the
> OU FTP accounts.
> 3. Once the user accounts have been created, i then proceed to set
> permissions on the individual folders inside the FTP root.
> eg- Suppose client is Siemens. so the FTP user account would be
> siemens. The new folder inside the FTP root directoy would also be
> siemens and then I proceed to give Domain\siemens Read\Write\Modify
> permissions to the siemens folder.
> I also deny permission to delete the folder,change user permissions or
> take ownership.
> this done when the user ftp's into the FTP site through IE 6 and
> authenticates ,it takes him directly to the correct folder ,leading
> the user to think he is at the home folder. He cannot traverse up as
> only the required folder is being shown .
>
> My real issue is that when the user FTP's in from
> Mozilla,Opera ,Safari,Unix or even IE7 or IE8 ,it takes him to the
> FTPROOT directory!!, in my case E: .
> This shows him all the other folder names and lets him see al the
> other FTP folders and since our company has rival companies as
> clientswho think they are the only ones whom we do business with,it's
> a real business killer!!!
>
> Is this because I have allowed the user group EVERYONE to list folder
> contents at the FTP root directory( E:) . Is there any way to limit
> the view of the FTP clients to just their folder.
> When I removed the everyone -list folder contents from the
> root,then nobody was able to log in to the FTP site.
> Also is IIS Lockdown tool good for my FTP site?
> Please help guys!!!



Similar ThreadsPosted
Creating our own certificate February 12, 2006, 10:30 am
Creating Certificate December 16, 2006, 9:16 am
creating shares that are actually writeable July 26, 2005, 11:09 am
Creating domain trusts September 23, 2006, 2:12 am
Help Needed in Creating Login banner March 1, 2007, 1:03 pm
Is it possible to .PFX file when creating/issuing a certificate July 5, 2007, 12:04 pm
Creating CA and self-signed cert for EFS recovery July 19, 2007, 10:10 am
Creating and verifying Domain trust programatically July 5, 2005, 7:09 pm
Creating IPSec Policy for Pre-Share Key in VPN not working. October 25, 2005, 6:31 am
HOWTO: Creating a Drop-Only Shared Folder June 9, 2008, 3:05 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap