|
Home > Archive > IIS FTP Server > August 2004 > FTP service bypass NTFS permissions on DC
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
FTP service bypass NTFS permissions on DC
|
|
| Darren H Gill 2004-08-27, 6:17 pm |
| We have several small offices linked by VPN. These offices have a single
Domain controller server which is also the branch office file server.
The Files in the shares have restrictive NTFS permissions set, in some
cases to a single user with even Domain Admins having no permissions on the
ACL
Because UNC file access is really slow over our VPN WAN I set up FTP
services on a non-default port for each server to allow head office
usersaccess to the branch files.
This seemed great, file access rate was vastly improved, however, it was
quickly discovered that users could access files and folders that they had
no rights to.
Any suggestions?
Darren Gill
| |
| Jeff Cochran 2004-08-27, 6:17 pm |
| On Thu, 26 Aug 2004 10:29:05 +0100, "Darren H Gill"
<darren.gill@c21code.ltd.uk> wrote:
>We have several small offices linked by VPN. These offices have a single
>Domain controller server which is also the branch office file server.
>
>The Files in the shares have restrictive NTFS permissions set, in some
>cases to a single user with even Domain Admins having no permissions on the
>ACL
>
>Because UNC file access is really slow over our VPN WAN I set up FTP
>services on a non-default port for each server to allow head office
>usersaccess to the branch files.
>
>This seemed great, file access rate was vastly improved, however, it was
>quickly discovered that users could access files and folders that they had
>no rights to.
>
>Any suggestions?
Check permissions for the FTP account being used. You don't mention
operating system version, but if you look at the docuemntation for
your version you'll see how to limit access.
Jeff
|
|
|
|
|