FTP setup

M

Mike Marshall

Need help setting up FTP! Not able to accomplish what we
need.

Have created a folder ( C:\abcftp ) on a WIN2000 DC
running IIS. Have shared it so that Domain Admins have
F/C and so that the local security group has read
permissions. All of the internal users are located in
Global Security Groups, placed inside of a Universal
Security Group that was made a member of the local
security group. From a share and file permissions point
of view there is no problem accessing the folders
internally via browsing.

We have four folders inside the ABCFTP folder and need to
set it up so that ONLY certain users can access certain
folders ( for instance, Accounting users can access the
ACCOUNTING folder, Sales users can access the SALES
folder, etc and controlled via permissions ). We do not
want "outsiders" (non-employees) to be able to access the
FTP Site so annonymous access is not to be allowed. In
other words, username and password is a *MUST*.

Externally via Internet Explorer no one can access the
FTP Site except for Administrators. Users are prompted
for a user name and password and they enter the correct
user name and password and then are prompted for the same
thing again and again. This is most probably a
permissions issue but I can not find where.

Thank you,

Mike Marshall
 
M

Matjaz Ladava [MVP]

FTP server requires Logon Locally right for the users which access the
server. Check, that your users have this right.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
M

Mike Marshall

-----Original Message-----
FTP server requires Logon Locally right for the users which access the
server. Check, that your users have this right.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com




.
Click to expand...
YIKES! That seems a bit steep. So, in essence, I need
to asllow all of my internal users the log on locally
right? On a Domain Controller? This seems to be a bad
situation. However, if it must be, it must be. I would
need to make this change on both the Local Securitry
Policy and the Default Domain Controller Policy then,
right?

Thank you very much. I knew that it had to be something
really simply like this.

Mike
 
M

Matjaz Ladava [MVP]

Yes, that is why it is not advised to run FTP on DC :). You have to change
only Domain Controller Security Policy. Be aware, that this affects all
DC's.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com
 
M

Mike Marshall

-----Original Message-----
Yes, that is why it is not advised to run FTP on DC :). You have to change
only Domain Controller Security Policy. Be aware, that this affects all
DC's.

--
Regards

Matjaz Ladava, MCSE, MCSA, MVP
Microsoft MVP - Active Directory
(e-mail address removed), (e-mail address removed)
http://ladava.com




.
Click to expand...
Got it. I wish that the people who set this up before me
had thought about that. However, in all fairness to them
this is a Small Business Server situation and is the only
server in the environment. I guess that there is really
no choice. I will just have to take all the precautions
that I can.

Thank you for you information.

Mike
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Group nesting troubles 4
W2000 Native Domain & W95 3
Trust relationship 1
NTFS Permission to deny user to copy files 3
Access problems. 1
Simple Active Directory Directory Sharing Problem 1
Ftp and Logon locally rights 3
FTP ? 11

Top