locked
FTP write/delete not working RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-146782312 posted

    I have a Windows 2016 server with IIS 10.  
    I am having problems setting up the NTFP permissions to allow FTP write/delete to my Users' virtual web folders.  My users have write problems when they are using any FTP client (FileZilla, etc).  

    Here are the settings I have tried in IIS and on the server folders.

    IIS Server>FTP Authentication - Anonymous Authentication=Disabled, Basic Authentication=Disabled
    IIS Server>FTP Authorization Rules=None
       Site>FTP Authentication - Anonymous Authentication=Disabled, Basic Authentication=Enabled
       Site>FTP Authorization Rules=Allow All Users
       Site>FTP User Isolation=Do not isolate user. Start users in FTP root directory
          Virtual Web Folder>FTP Authorization Rules=Allow All Users

    NTFS Permissions - With these permissions my FTP Users can List all folders and files, but they cannot write or delete.
    C:\InetPub
      Creater Owner=Special, System=Full, Administrators=Full, Users=(read, list, execute, special)
    C:\InetPub\wwwroot
      Creater Owner=Special, System=Full, Administrators=Full, Users=(read, list, execute), 
      Internet Guest Account=(read, list, execute), Network Service=(read, list, execute)
    C:\InetPub\wwwroot\UserFolder
      Creater Owner=Special, System=Full, Administrators=Full, Users=(read, list, execute), 
      Internet Guest Account=(read, list, execute), Network Service=(read, list, execute), Network=(read, list, execute), Interactive=list
      Domain\User=Full Control

    If I add Modify permissions to the Users Group on the C:\InetPub\wwwroot\UserFolder, my users can (read, write, list, and delete).  The problem is that they can also modify other UserFolders.

    Tuesday, March 16, 2021 4:01 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User1065476709 posted

    Hi smith_ja,

    Here are the settings I have tried in IIS and on the server folders.

    IIS Server>FTP Authentication - Anonymous Authentication=Disabled, Basic Authentication=Disabled
    IIS Server>FTP Authorization Rules=None
       Site>FTP Authentication - Anonymous Authentication=Disabled, Basic Authentication=Enabled
       Site>FTP Authorization Rules=Allow All Users
       Site>FTP User Isolation=Do not isolate user. Start users in FTP root directory
          Virtual Web Folder>FTP Authorization Rules=Allow All Users

    NTFS Permissions - With these permissions my FTP Users can List all folders and files, but they cannot write or delete.

    Please make sure that the write/delete permissions for whatever user/group had to exist in the Authentication rules at the Default site level.

    Best regards,

    Sam

    Wednesday, March 17, 2021 1:56 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-146782312 posted

    These are the settings for the default web site.  I added FTP Publishing to this site.
       Default Site>FTP Authentication - Anonymous Authentication=Disabled, Basic Authentication=Enabled
       Default Site>FTP Authorization Rules=Allow All Users
       Default Site>Basic Settings>Physical Path>C:\InetPub\wwwroot>Connect As=Domain\iusr_cluster

    Currently all authenticated Domain Users can Modify all files and folders in the Default Site.  This is bad.  I want only Administrators to be able to Modify all files and folders.  I want authenticated Domain Users to be restricted to only be able to Modify Files in their assigned folders.

    Here are my current NTFS settings.  Please tell me how to fix this.

    C:\InetPub\wwwroot
    System=Full, Network Service=(read,list,execute), Administrators=Full, Users=(read,list,execute), Domain\iusr_cluster=(read,list,execute)

    C:\InetPub\wwwroot\UserFolder1
    Inherit these NTFS folder settings from Parent ... System=Full, Network Service=(read,list,execute), Administrators=Full, Users=(read,list,execute), Domain\iusr_cluster=(read,list,execute)
    Add this NTFS folder setting ... Domain\User1

    C:\InetPub\wwwroot\UserFolder2
    Inherit these NTFS folder settings from Parent ... System=Full, Network Service=(read,list,execute), Administrators=Full, Users=(read,list,execute), Domain\iusr_cluster=(read,list,execute)
    Add this NTFS folder setting ... Domain\User2

    Wednesday, March 17, 2021 6:24 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User1065476709 posted

    Hi smith_ja,

    Here are my current NTFS settings.  Please tell me how to fix this.

    Again, please make sure that the write/delete permissions for whatever user/group had to exist in the Authentication rules at the Default site level.

    Best regards,

    Sam

    Friday, March 19, 2021 5:22 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-146782312 posted

    I'm not quite sure what you are trying to tell me.  Here are my authentication rules for the default web site

    Authentication=Enabled

       Default Site>Anonymous, Basic, and Windows Authentication are all Enabled
       Default Site>FTP Authorization Rules=Allow All Users
       Default Site>Basic Settings>Physical Path>C:\InetPub\wwwroot>Connect As=Domain\iusr_cluster

    Friday, March 19, 2021 12:42 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-146782312 posted

    I found the answer to my problem.  I had to set the ftp connect as to pass through authentication.  I then gave server\users read access to all folders and folder owners modify access to their assigned folders.

    Tuesday, March 23, 2021 1:13 PM