Discussion:
FTP 結合 AD 驗證,權限有問題
(时间太久无法回复)
mason
2006-01-04 07:08:03 UTC
Permalink
目前在FTP目錄中,分別建立AD中每位使用者專屬的個人目錄,唯有個人才能存取

但今日遇到一個問題,當一使用者在AD上有帳號及密碼時,僅能看到自己的個人目錄;而若一使用者在AD上有帳號無密碼時,將可看到所有的目錄,也能進入想去的目錄中讀取、新增,唯獨不能刪除。

而若不改變使用者的密碼時,是否有解決的方法?

環境為 NAS 系統,OS為2003

麻煩大家提供解決之道,謝謝
Bernard Cheah [MVP]
2006-01-04 07:39:05 UTC
Permalink
This can't be true! the user only can see and access other users folder
provided if he/she has the appropriate NTFS permission.
do you configure any user isolation ? or just the normal ftp type?
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
¥Ø«eŠbFTP¥Ø¿ý€€¡A€À§O«Ø¥ßAD€€šCŠìšÏ¥ÎªÌ±MÄݪº­Ó€H¥Ø¿ý¡A°ßŠ³­Ó€H€~¯àŠsšú
ŠÓ­Y€£§ïÅܚϥΪ̪º±KœX®É¡A¬O§_Š³žÑšMªº€èªk¡H
Àô¹Ò¬° NAS št²Î¡AOS¬°2003
³Â·Ð€j®aŽ£šÑžÑšM€§¹D¡AÁÂÁÂ
mason
2006-01-06 09:03:02 UTC
Permalink
因原本的用意是在一FTP目錄下,每位使用者有專屬的目錄,彼此之間無法互相存取。而FTP是採用預設FTP站台,其無限制使用者。而當我另增一FTP站台時,可選擇採用AD認證,但另一個問題發生了,因AD和FTP的主機是不同台,所以在認證上有問題,而且,似乎若要每個人都要有專屬的目錄時,則需新建一FTP站台。請問是否有相關的文件可參考(己看過市面上的書籍,卻無法解決問題),謝謝大家的回覆。


"Bernard Cheah [MVP]" 來函:
Post by Bernard Cheah [MVP]
This can't be true! the user only can see and access other users folder
provided if he/she has the appropriate NTFS permission.
do you configure any user isolation ? or just the normal ftp type?
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
Post by mason
目前在FTP目錄中,分別建立AD中每位使用者專屬的個人目錄,唯有個人才能存取
但今日遇到一個問題,當一使用者在AD上有帳號及密碼時,僅能看到自己的個人目錄;而若一使用者在AD上有帳號無密碼時,將可看到所有的目錄,也能進入想去的目錄中讀取、新增,唯獨不能刪除。
而若不改變使用者的密碼時,是否有解決的方法?
環境為 NAS 系統,OS為2003
麻煩大家提供解決之道,謝謝
Bernard Cheah [MVP]
2006-01-06 10:04:30 UTC
Permalink
Ok, in your case, if I read you correctly, you would like to have an AD user
isolation setup.
With IIS 6 on W2k3, you can do it. refer
Creating a New FTP Site with Isolate Users Using Active Directory Mode (IIS
6.0)
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/29753aec-35b7-4929-b0a5-846474f627ba.mspx

Setting Active Directory User Isolation Using Iisftp.vbs (IIS 6.0)
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/12a3d96c-65ea-4210-96ad-86a801f6a88c.mspx
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
"Bernard Cheah [MVP]" šÓšç¡G
Post by Bernard Cheah [MVP]
This can't be true! the user only can see and access other users folder
provided if he/she has the appropriate NTFS permission.
do you configure any user isolation ? or just the normal ftp type?
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/
¥Ø«eŠbFTP¥Ø¿ý€€¡A€À§O«Ø¥ßAD€€šCŠìšÏ¥ÎªÌ±MÄݪº­Ó€H¥Ø¿ý¡A°ßŠ³­Ó€H€~¯àŠsšú
ŠÓ­Y€£§ïÅܚϥΪ̪º±KœX®É¡A¬O§_Š³žÑšMªº€èªk¡H
Àô¹Ò¬° NAS št²Î¡AOS¬°2003
³Â·Ð€j®aŽ£šÑžÑšM€§¹D¡AÁÂÁÂ
继续阅读narkive:
Loading...