Monday, October 12, 2009

Internet Information Services - Setting Up Access Permissions for Specific Windows Users to Access Specific FTP Virtual Directories

To set up the Windows IIS FTP Server to allow certains Windows users to access certain virtual directories, ensure that you have done the following:
1. Install an IIS FTP Server
2. Ensure that you have a Windows User account set up for the user you want to log on as, onto your FTP Server.
3. In the 'Default FTP Site Properties', uncheck the 'Allow Anonymous Connections' checkbox which can be found under the 'Security Accounts' tab. This will allow specific users that have the right username and password of one of the Windows user accounts on the FTP Server machine to access the FTP Virtual Directories.

Once Step 1 and 2 above is set up, permissions to specific FTP Virtual Directories can be set up as follows:
3. Right click on the virtual directory you have created (eg. CHITRATEST). Below this Local Path textbox, there are three checkboxes (Read, Write and Log Visits). You can uncheck/check these boxes. Think of these boxes as three different pipes. Clogging a pipe (i.e. unchecking a say, 'Write' checkbox) will cause all Windows users who log on to the FTP Server to not have Write permissions to CHITRATEST, regardless of whether the folder on the local path of the virtual directory (e.g. c:\TEST) has 'Write' permission enabled for the currently logged in Windows Users.
4. Once the FTP Server evaluates the super access priviledges it can give to a currently logged Windows user (by evaluating the checkboxes in Step 3 above), it will then evaluate the next level folder properties of the virtual directory. If say, C:\TEST is mapped to a virtual directory called CHITRATEST, the Security permissions set on C:\TEST and C:\Inetpub\ftproot\CHITRATEST will both be evaluated to give the currently logged Windows user specific permissions. Both C:\TEST and C:\Inetpub\ftproot\CHITRATEST must have the exact permissions set/unset for folder level permissions to be evaluated by the FTP Server.

Summary
-------

To allow users with the username and password of a specific Window User account to access the FTP server, follow Steps 1 and 2.

To allow specific logged on Windows users (with a corresponding Windows User account) to gain access permissions to specific virtual directories, follow Step 3.

To allow a lower level folder access permission for logged on Windows users, follow Step 4.

No comments:

Post a Comment

Thank you for your comment.