No announcement yet.

FTP Folder Permissions

  • Filter
  • Time
  • Show
Clear All
new posts

  • FTP Folder Permissions

    Hello, I hope someone can point me in the right direction here. My ftp server has it's FTP root directory on drive D:\ and recently I had the C:\ crash on me. I replaced the bad C:\ and reinstalled Windows 2000 server (I know...) on the C:\ and re-created the FTP server. All my data is ok on the D:\ but I had to re-create all the user accounts and now the permissions to the folders on D:\ are not correct.

    What I did was create a local user group called FTP and I put all the FTP users in this group. I gave the authenticated users and everyone full control to the FTP folder and then within the /priv/ folder I assigned each user full control to the folder associated with their account. Right now if I log in as one of the FTP users or even if I log in as the local administrator to the FTP service I can download from the appropriate folders, but I can only upload files to the root directory of the associated folder. So for example account Bob can download anything from the /priv/bob/ folder or any subfolders but if Bob logs in and tries to upload to /priv/bob/test/ he gets access denied he can only upload to /priv/bob/ even though his permissions are the same on both folders.
    any ideas why he can't upload to his own folders?

  • #2
    Re: FTP Folder Permissions

    Is permissions inheritance enabled?
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: FTP Folder Permissions

      Yes, the folders inherit permissions from the root FTP directory. I just tested and if I'm logged in as Bob I can not only read and download form the root of the Bob Directory, but also from the root of other users folders as well so I'm really giving out too many permissions in some areas but for some reason still not enough permissions in the sub folders.


      • #4
        Re: FTP Folder Permissions

        I think I figured it out. I don't want permissions to propogate. I have the FTP folder and I give authenticated users full control to it. Below I have the priv and give authenticated users full control but neither of these permissions are set to propogate. Then in the priv folder is each user's directory and I assign directly to each folder the user that needs access and give them full control.

        Would this allow the user to only access their own folder? The will see the other user folders but have no permissions to them at all. Does this sound like it will work?


        • #5
          Re: FTP Folder Permissions

          I set the FTP folder share permissions to give full control to Authenticated users and Administrators then the NTFS permissions on that folder gave full control to administrators and give read, write, list folders to authenticated users. These permissions propogate to the two sub folders Priv and pub. Then propogation stops there. In Priv each user has their own folder. On each of those folders the administator owns the folder and the administrators group has full control. The user whose folder it is has modify. These permissions apply to all sub folders of the users folder.
          Now these users get a deny when trying to see any one elses folder which is good, but they can only write to their folder. If they try writing to a sub folder they can't and if they try writing to the ftp\priv folder they can't. I get the same results even if I log in as the administrator. Where are these write permissions being blocked?