| Author |
Isolate Users IIS6 FTP Virtual Dir as user homedir is possible?
|
|
| Victor Y. Sklyar 2005-09-02, 7:49 am |
| Hello all.
I need organise next file struct on IIS6 FTP server.
ftproot
|
|---Admin1 (homedir for Admin1)
| |---User1 (homedir for User1)
| |---User2
|
|---Admin2
| |---User3
| |---UserN
It is 2 type of ftp-user: Admin and User.
I want User cannot see any other resources except own homedir.
I know that 'Isolate User' mode do it. But how can I organise my file
struct?
My first idea was
ftproot
|
|---LocalUser
| |
| |---Admin1
| | |---User1
| | |---User2
| |
| |---Admin2
| | |---User3
| | |---UserN
| |
| |---User1 (empty dir, link on ftproot\LocalUser\Admin1\User1)
| |---User2 (empty dir, link on ftproot\LocalUser\Admin1\User2)
| |---User3 (empty dir, link on ftproot\LocalUser\Admin2\User3)
But how can I create this link?
Can I user Isolate User Mode + VirtualDir?
Ilosate User Mode + NTFS Reparse Points?
The method with NTFS Reparse Points works too(!) slowly while update files
on ftp... Why? Delay about 30 sec... After file updating if at once
dowload this file back it will old verison....
Thanks.
---
W2K3 EE SP1 IIS6 NTFS
| |
| Jeff Cochran 2005-09-02, 7:49 am |
| On Fri, 2 Sep 2005 11:35:30 +0300, "Victor Y. Sklyar"
<sklyar@alarit.com> wrote:
>Hello all.
>
>I need organise next file struct on IIS6 FTP server.
>
>ftproot
> |
> |---Admin1 (homedir for Admin1)
> | |---User1 (homedir for User1)
> | |---User2
> |
> |---Admin2
> | |---User3
> | |---UserN
>
>It is 2 type of ftp-user: Admin and User.
>
>I want User cannot see any other resources except own homedir.
>I know that 'Isolate User' mode do it. But how can I organise my file
>struct?
>
>My first idea was
>
>ftproot
> |
> |---LocalUser
> | |
> | |---Admin1
> | | |---User1
> | | |---User2
> | |
> | |---Admin2
> | | |---User3
> | | |---UserN
> | |
> | |---User1 (empty dir, link on ftproot\LocalUser\Admin1\User1)
> | |---User2 (empty dir, link on ftproot\LocalUser\Admin1\User2)
> | |---User3 (empty dir, link on ftproot\LocalUser\Admin2\User3)
>
>But how can I create this link?
>Can I user Isolate User Mode + VirtualDir?
>Ilosate User Mode + NTFS Reparse Points?
>
>The method with NTFS Reparse Points works too(!) slowly while update files
>on ftp... Why? Delay about 30 sec... After file updating if at once
>dowload this file back it will old verison....
Isolated users has a specific folder structure that is required. You
can use virtual folders to get around this, but many clients will not
display the virtual folder name.
Jeff
| |
| Victor Y. Sklyar 2005-09-02, 7:49 am |
| Hello Jeff
you wrote:
JC> Isolated users has a specific folder structure that is required.
JC> You can use virtual folders to get around this, but many clients will
not
JC> display the virtual folder name.
Yea, I see and my folders struct is right (see above). I create User1(2,N)
as subfolder LocalUser. Is that right? can I make it Virtual? and point on
other real directory?
| |
| Victor Y. Sklyar 2005-09-02, 5:57 pm |
| Hello Me ;)
about using NTFS Reparse Points..
> VYS
====begin=======
ftproot
|
|---LocalUser
| |
| |---Admin1
| | |---User1
| | |---User2
| |
| |---Admin2
| | |---User3
| | |---UserN
| |
| |---User1 (empty folder - NTFS reparse point on Admin1\User1)
| |---User2 (empty folder - NTFS reparse point on Admin1\User2)
| |---User3 (empty folder - NTFS reparse point on Admin2\User3)
===end==
VYS> Ilosate User Mode + NTFS Reparse Points?
VYS> The method with NTFS Reparse Points works too(!) slowly while update
files
VYS> on ftp... Why? Delay about 30 sec... After file updating if at once
VYS> dowload this file back it will old verison....
I have installed 3th software "Quick 'n Easy FTP" (Pablo Software Solutions)
and used NTFS Reparse Points as homedir and see NO ANY DELAY!!!
I draw a conclusion: IT IS STRANGE behaviour IIS6 FTP...
But why IIS caching files at too long time slice??? How we can handel it?
---
W2K3 EE SP1 IIS6 NTFS
| |
| Chris Crowe [MVP] 2005-09-02, 8:48 pm |
| Basically from what I see you can not do what you want using NON AD Isolated
Users
When using NON AD Isolated users you will need to create a folder called
"LocalUser" which you know.
Then the folders inside there are named as the user code.
so they all follow the same hierarchy
Admin1
User1
User2
Admin2
User3
User4
The only way I think you can do what you want is to use AD Isolated Users
where you specify the FTPROOT and the FTPDIR for each user
This way
You specify the following:
Admin1
FTPRoot = c:\inetpub\ftproot\users
FTPDir = Admin1
User1
FTPRoot = c:\inetpub\ftproot\users\admin1
FTPDir = User1
User2
FTPRoot = c:\inetpub\ftproot\users\admin1
FTPDir = User2
Using non AD isolated you would need to have a flat structure, but you still
could have directories for ADMIN1 with virtual directories linked to User1
and User2
As far as Admin1 is concerned when connecting via FTP he has User1 and User2
as child folders but of course they are not.
Hope this helps.
See my blog http://blog.crowe.co.nz/archive/2005/09/03/246.aspx for details
on using the flat structure with child folders - quite a hassle to maintain
whereas the AD isolated would be the way to go to get the method you want.
--
Cheers
Chris
Chris Crowe [IIS MVP]
http://blog.crowe.co.nz
"Victor Y. Sklyar" <sklyar@alarit.com> wrote in message
news:eLdz4k5rFHA.260@TK2MSFTNGP11.phx.gbl...
> Hello all.
>
> I need organise next file struct on IIS6 FTP server.
>
> ftproot
> |
> |---Admin1 (homedir for Admin1)
> | |---User1 (homedir for User1)
> | |---User2
> |
> |---Admin2
> | |---User3
> | |---UserN
>
> It is 2 type of ftp-user: Admin and User.
>
> I want User cannot see any other resources except own homedir.
> I know that 'Isolate User' mode do it. But how can I organise my file
> struct?
>
> My first idea was
>
> ftproot
> |
> |---LocalUser
> | |
> | |---Admin1
> | | |---User1
> | | |---User2
> | |
> | |---Admin2
> | | |---User3
> | | |---UserN
> | |
> | |---User1 (empty dir, link on ftproot\LocalUser\Admin1\User1)
> | |---User2 (empty dir, link on ftproot\LocalUser\Admin1\User2)
> | |---User3 (empty dir, link on ftproot\LocalUser\Admin2\User3)
>
> But how can I create this link?
> Can I user Isolate User Mode + VirtualDir?
> Ilosate User Mode + NTFS Reparse Points?
>
> The method with NTFS Reparse Points works too(!) slowly while update files
> on ftp... Why? Delay about 30 sec... After file updating if at once
> dowload this file back it will old verison....
>
> Thanks.
>
> ---
> W2K3 EE SP1 IIS6 NTFS
>
| |
| Victor Y. Sklyar 2005-09-05, 7:48 am |
| Hello Chris.
I read you message. Thanks. It explains me some aspects of Virtual Dirs in
NON AD Isolated User Mode.
But I don't known how to cteate Virtual Dir 'User1'
(ftproot\LocalUser\User1) for Admin1?
So User2 cannot type 'cd User1' and pass in...
And I read your blog.
CC> See my blog http://blog.crowe.co.nz/archive/2005/09/03/246.aspx for
details
CC> on using the flat structure with child folders - quite a hassle to
maintain
CC> whereas the AD isolated would be the way to go to get the method you
want.
Is the way to create Virtual Dir for one ftp-user only? How?
Each user can type "cd Shared" and go to this folder, but If I don't want
it?..
| |
| Chris Crowe [MVP] 2005-09-05, 5:58 pm |
| I think in this situation you would be better off with a different FTP
server - the Microsoft FTP server is quite limited compared to 3rd party
products.
--
Cheers
Chris
Chris Crowe [IIS MVP]
http://blog.crowe.co.nz
"Victor Y. Sklyar" <sklyar@alarit.com> wrote in message
news:emNi7VfsFHA.332@tk2msftngp13.phx.gbl...
> Hello Chris.
>
> I read you message. Thanks. It explains me some aspects of Virtual Dirs in
> NON AD Isolated User Mode.
>
> But I don't known how to cteate Virtual Dir 'User1'
> (ftproot\LocalUser\User1) for Admin1?
> So User2 cannot type 'cd User1' and pass in...
>
> And I read your blog.
>
> CC> See my blog http://blog.crowe.co.nz/archive/2005/09/03/246.aspx for
> details
> CC> on using the flat structure with child folders - quite a hassle to
> maintain
> CC> whereas the AD isolated would be the way to go to get the method you
> want.
>
> Is the way to create Virtual Dir for one ftp-user only? How?
> Each user can type "cd Shared" and go to this folder, but If I don't want
> it?..
>
| |
| Jeff Cochran 2005-09-05, 10:41 pm |
| On Mon, 5 Sep 2005 11:41:23 +0300, "Victor Y. Sklyar"
<sklyar@alarit.com> wrote:
>Hello Chris.
>
>I read you message. Thanks. It explains me some aspects of Virtual Dirs in
>NON AD Isolated User Mode.
>
>But I don't known how to cteate Virtual Dir 'User1'
>(ftproot\LocalUser\User1) for Admin1?
>So User2 cannot type 'cd User1' and pass in...
NTFS permissions. Set appopriate permissions on each virtual
directory, and the physical directory they attach to.
>And I read your blog.
>
>CC> See my blog http://blog.crowe.co.nz/archive/2005/09/03/246.aspx for
>details
>CC> on using the flat structure with child folders - quite a hassle to
>maintain
>CC> whereas the AD isolated would be the way to go to get the method you
>want.
>
>Is the way to create Virtual Dir for one ftp-user only? How?
>Each user can type "cd Shared" and go to this folder, but If I don't want
>it?..
Then create a virtual directory for each user. They can't be
identical names, but you can always use the username as directory
name.
Jeff
|
|
|
|