Shulou(Shulou.com)06/03 Report--

FTP (File transfer Protocol) is an ancient protocol in the Internet. The function of FTP server is similar to that of file server, allowing client users to download or upload files from the server.

The FTP server adopts the client / server working mode, and the client and server connect with each other using TCP protocol.

User isolation is an important feature of FTP services in Windows Server 2008 R2 systems. If users are not isolated, all users will be directed to the home directory of the FTP site by default and see the same content after logging in to the FTP site. By isolating users, users can have their own private directory. After logging in to the FTP site, users will be directed to this dedicated directory and can be restricted to their own dedicated directory, that is, they cannot switch to other users' exclusive directories, so they can only view or modify files in their own private directories. For anonymous users, you can set up a public directory, and if you log in as an anonymous user, you will see the same public content.

Open "FTP user isolation" in [IIS Manager]. The system defaults to not isolating users, and all users are automatically directed to the FTP root directory. To enable user isolation, select the username directory below (disable the global virtual directory), and then click the apply link on the right.

Then we need to set up a dedicated directory for users who have permission to log in to FTP. The user's dedicated directory must be a subdirectory under the home directory of the FTP site, either a physical directory or a virtual directory.

Depending on the type of user, there are the following types of exclusive directories:

Localuser\ user name: the localuser folder is a folder dedicated to the local user, and the user name is the local user name. You need to create a new dedicated subfolder under the localuser folder for each local user who needs to log in to the FTP site, and the folder name needs to be the same as the user name.

Localuser\ public: when a user logs in anonymously, he or she is directed to the public folder.

Domain name\ user name: if the user uses a domain user account to log in to the FTP site, you need to first create a dedicated folder for the domain with the same name as the NetBIOS domain name; then create a dedicated subfolder under this folder for each domain user who needs to log in to the FTP site, with the same folder name as the user name.

Let's take the local user admin, the domain user coolpen\ lisi, and anonymous users as examples to set up user isolation. The following folders need to be established under the home directory of the FTP site:

Place the corresponding test files in each folder, and then log in on the client with a different user identity, you can find that they are directed to different dedicated folders.

If you need to assign upload permissions to a user, as with the previous settings, you first need to add authorization rules to the FTP Authorization rules, and then set the NTFS permissions for the user's private directory.

In fact, if you want to update a Web site with FTP services, it is not possible to create a corresponding FTP site for each site on the Web server. If you use user isolation, you only need to set up a FTP site, then set up a home directory for each Web site in the FTP home directory, and then establish a corresponding user account in the server, so that you can update all Web sites with only one FTP site.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.