Site Logo
The Microsoft Most Valuable Professional (MVP) Program was started in the mid 1990s as a way to recognise those members of the general public who devoted their time and considerable computing skills, on a voluntary basis, to helping users 'in distress' in the various newsgroups hosted by Microsoft. There are now around 1800 MVPs worldwide who actively participate in the Microsoft Technical Newsgroups. Many are IT consultants, some are published authors or technical instructors, and there are those who have no formal training but have an in-depth level of practical experience.
2002-2007
blcurve
Home > Internet Information Services > Setting up a password protected FTP Server Part 2
August 28, 2008

curve
Back
 curve
     
  curve   curve  
 

Controlling user access and permissions to your IIS FTP Server

Please note modifying permissions requires a hard disk formatted using the NTFS file system, should you need to convert your drive or want to know more about NTFS see here

To use NTFS restrictions to control user access on your server the first thing you will need to do is to disable simple file sharing. To do this open my computer, go to Tools > Folder Options and select the View tab. Scroll down the the bottom of the advanced settings list and uncheck 'Use simple file sharing'.

simple file sharing dialog

What this does is enable us to manage security setting for folders and file shares manually. Now open C:\Inetpub\ftproot right click on the file or folder you wish to restrict and view its properties. Select the security tab, then the advanced button and uncheck 'Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here'. Then click OK.

A message box will appear containing the following text

---------------------------
Security
---------------------------
You have denied everyone access to <Folder Name>. No one will be able to access <Folder Name> and only the owner will be able to change the permissions.

Do you wish to continue?
---------------------------
Yes No
---------------------------

Select Yes (Should you need to take ownership of a file this can be done in the owner tab of advanced). You can then add users by clicking on the 'Add' button shown under 'group or user names' (You should add your username to this list also). You require list folder contents and read to open the folder over ftp (Also list folder contents if a folder). If you are managing the permissions on a folder be sure to go back into advanced after you have created your user list and 'replace permission entries on all child objects with entries shown here that apply to child objects'. Doing this ensures all objects in a folder have the same permissions as the folder containing them.

FTP/User Home Directories

A home directory on an ftp server is the location that a particular user will go to directly when they logon. So if you have two users, one will go to one folder automatically, and the other to a different one. To the user it will appear they are at the root of the ftp server. To set this up all you need to do is create a folder at the root of the ftp with the name of the user you wish to go there. If you want to do this so the user can only read their folder you would need to ensure they had NTFS read permissions to their folder but not for the root of the FTP site or anyone elses folder.

Part 3: Virtual Directories

 
  curve  
curve
  
     
curve
curve

Copyright © 2002-2003, Mark Salloway, All Rights Reserved. All images and product names used within this site are the property of their respective copyright owners and are used as an example. Reproduction of information on this site, in any form, is prohibited without express written permission.

Microsoft is in no way affiliated with, nor offers endorsement of, this site. Members of the MVP program are not employees of the Microsoft Corporation. This site's owner assumes no liability for use of any information provided. Usage of this site's content, links and any downloadable items provided is at your own risk