IIS FTP With Active Directory, Access Problembs have occoured!

I have a FTP site running on Port 21 on Win Server 03. The Ftp server is
set up with AD isolation. users files are stored in B:\FTPROOT\<USER> .
For example, user Philip has his ftproot set to b:\FTPROOT and FTPdir
set to Philip which gives the path B:\FTPROOT\Philip . This folder
exists and contains file "Test.txt", 4kb. Security settings for the
folder are:

Allow:

Everyone | Read
Philip | Full Control
Administrators | Full Control
SYSTEM | Full Control

Deny:

(None)

Philip is the owner of the folder. Notice that CREATOR OWNER does not
appear on the list, If you give CREATOR OWNER full control then in the
advanced permissions dialouge it shows up as Full Control but in the
simple one it shows as special permissions only. Thinking that this was
causing the error I removed CREATOR OWNER but this changed nothing.

When trying to upload anything to the folder you get error 550 and it
fails, I know 550 is Access Denied but user Philip has full access and
there is no deny security options set.

Any idea of what is going wrong?

Thanks

Kingsley Jarrett

(Please excuse poor spelling and punctuation)

What about the IIS default permissions? the anonymous access through ftp? is
there any autintication for this access?

This link will help you to reconfigure the IIS permissions for FTP folders:
http://support.microsoft.com/default...b;en-us;310723

The special permissions includes the creator owner for documents, so it wont
appear in the simple DACL , it will appear when you view the advanced DACL.



"Kinglsey Jarrett" wrote:

> I have a FTP site running on Port 21 on Win Server 03. The Ftp server is
> set up with AD isolation. users files are stored in B:\FTPROOT\<USER> .
> For example, user Philip has his ftproot set to b:\FTPROOT and FTPdir
> set to Philip which gives the path B:\FTPROOT\Philip . This folder
> exists and contains file "Test.txt", 4kb. Security settings for the
> folder are:
>
> Allow:
>
> Everyone | Read
> Philip | Full Control
> Administrators | Full Control
> SYSTEM | Full Control
>
> Deny:
>
> (None)
>
> Philip is the owner of the folder. Notice that CREATOR OWNER does not
> appear on the list, If you give CREATOR OWNER full control then in the
> advanced permissions dialouge it shows up as Full Control but in the
> simple one it shows as special permissions only. Thinking that this was
> causing the error I removed CREATOR OWNER but this changed nothing.
>
> When trying to upload anything to the folder you get error 550 and it
> fails, I know 550 is Access Denied but user Philip has full access and
> there is no deny security options set.
>
> Any idea of what is going wrong?
>
> Thanks
>
> Kingsley Jarrett
>
> (Please excuse poor spelling and punctuation)
>

There is no option to disable anon access because I have set it up using
AD Authentication. The only options are "FTP Site", "Messages" and
"Directory Security" which only contains TCP/IP Access restrictions (All
computers will be granted access)


Zer0byte wrote:
> What about the IIS default permissions? the anonymous access through ftp? is
> there any autintication for this access?
>
> This link will help you to reconfigure the IIS permissions for FTP folders:
> http://support.microsoft.com/default...b;en-us;310723
>
> The special permissions includes the creator owner for documents, so it wont
> appear in the simple DACL , it will appear when you view the advanced DACL.
>
>
>
> "Kinglsey Jarrett" wrote:
>
>
>>I have a FTP site running on Port 21 on Win Server 03. The Ftp server is
>>set up with AD isolation. users files are stored in B:\FTPROOT\<USER> .
>>For example, user Philip has his ftproot set to b:\FTPROOT and FTPdir
>>set to Philip which gives the path B:\FTPROOT\Philip . This folder
>>exists and contains file "Test.txt", 4kb. Security settings for the
>>folder are:
>>
>>Allow:
>>
>>Everyone | Read
>>Philip | Full Control
>>Administrators | Full Control
>>SYSTEM | Full Control
>>
>>Deny:
>>
>>(None)
>>
>>Philip is the owner of the folder. Notice that CREATOR OWNER does not
>>appear on the list, If you give CREATOR OWNER full control then in the
>>advanced permissions dialouge it shows up as Full Control but in the
>>simple one it shows as special permissions only. Thinking that this was
>>causing the error I removed CREATOR OWNER but this changed nothing.
>>
>>When trying to upload anything to the folder you get error 550 and it
>>fails, I know 550 is Access Denied but user Philip has full access and
>>there is no deny security options set.
>>
>>Any idea of what is going wrong?
>>
>>Thanks
>>
>>Kingsley Jarrett
>>
>>(Please excuse poor spelling and punctuation)
>>

So you have to review the NTFS , folders and files permissions.

"Kinglsey Jarrett" wrote:

> There is no option to disable anon access because I have set it up using
> AD Authentication. The only options are "FTP Site", "Messages" and
> "Directory Security" which only contains TCP/IP Access restrictions (All
> computers will be granted access)
>
>
> Zer0byte wrote:
> > What about the IIS default permissions? the anonymous access through ftp? is
> > there any autintication for this access?
> >
> > This link will help you to reconfigure the IIS permissions for FTP folders:
> > http://support.microsoft.com/default...b;en-us;310723
> >
> > The special permissions includes the creator owner for documents, so it wont
> > appear in the simple DACL , it will appear when you view the advanced DACL.
> >
> >
> >
> > "Kinglsey Jarrett" wrote:
> >
> >
> >>I have a FTP site running on Port 21 on Win Server 03. The Ftp server is
> >>set up with AD isolation. users files are stored in B:\FTPROOT\<USER> .
> >>For example, user Philip has his ftproot set to b:\FTPROOT and FTPdir
> >>set to Philip which gives the path B:\FTPROOT\Philip . This folder
> >>exists and contains file "Test.txt", 4kb. Security settings for the
> >>folder are:
> >>
> >>Allow:
> >>
> >>Everyone | Read
> >>Philip | Full Control
> >>Administrators | Full Control
> >>SYSTEM | Full Control
> >>
> >>Deny:
> >>
> >>(None)
> >>
> >>Philip is the owner of the folder. Notice that CREATOR OWNER does not
> >>appear on the list, If you give CREATOR OWNER full control then in the
> >>advanced permissions dialouge it shows up as Full Control but in the
> >>simple one it shows as special permissions only. Thinking that this was
> >>causing the error I removed CREATOR OWNER but this changed nothing.
> >>
> >>When trying to upload anything to the folder you get error 550 and it
> >>fails, I know 550 is Access Denied but user Philip has full access and
> >>there is no deny security options set.
> >>
> >>Any idea of what is going wrong?
> >>
> >>Thanks
> >>
> >>Kingsley Jarrett
> >>
> >>(Please excuse poor spelling and punctuation)
> >>
>