|Subject:||FTP server on ADC|
|Posted by:||Nandan (nandagopalrvar…@gmail.com)|
|Date:||Sat, 21 Jun 2008|
I have a Windows Server 2003 R2 Enterprise box which is an ADC and
runs SMS 2003 SP3 primary site, a FTP web site and ISA 2006 to protect
the FTP as well provide Web Proxy services. My FTP site is running
quite nicely though I've heard the above mentioned setup is not good
and can cause lots of unexplained problems.
I have set up the FTPROOT directory to one of the partitions and what
I have done to authenticate FTP users is this
1. I Created an OU called FTP accounts on the ADC and then create
normal user accounts .
2.I Create FTP folders with the name of the client as the folder
name .the same folder name is used to create the user account in the
OU FTP accounts.
3. Once the user accounts have been created, i then proceed to set
permissions on the individual folders inside the FTP root.
eg- Suppose client is Siemens. so the FTP user account would be
siemens. The new folder inside the FTP root directoy would also be
siemens and then I proceed to give Domain\siemens Read\Write\Modify
permissions to the siemens folder.
I also deny permission to delete the folder,change user permissions or
this done when the user ftp's into the FTP site through IE 6 and
authenticates ,it takes him directly to the correct folder ,leading
the user to think he is at the home folder. He cannot traverse up as
only the required folder is being shown .
My real issue is that when the user FTP's in from
Mozilla,Opera ,Safari,Unix or even IE7 or IE8 ,it takes him to the
FTPROOT directory!!, in my case E: .
This shows him all the other folder names and lets him see al the
other FTP folders and since our company has rival companies as
clientswho think they are the only ones whom we do business with,it's
a real business killer!!!
Is this because I have allowed the user group EVERYONE to list folder
contents at the FTP root directory( E:) . Is there any way to limit
the view of the FTP clients to just their folder.
When I removed the everyone -list folder contents from the
root,then nobody was able to log in to the FTP site.
Also is IIS Lockdown tool good for my FTP site?
Please help guys!!!