Deploying user-Isolated FTP sites for Windows server2012

Source: Internet
Author: User
Tags ftp site ftp port number

Isolation is the isolation of users in their own folders, also in the home directory, unable to view and modify other users ' directories and files. Doing so can improve the security of the file server.

The general idea of creating user isolation is that we need to build the LocalUser folder in the site's home directory, which is to hold the user's home directory and the anonymous access directory. After building the LocalUser folder, the next step is to build the user's home directory folder and the anonymous Access folder under LocalUser. Note The user's home directory folder must correspond to the user's login name one by one, and the anonymous Access folder must be public, otherwise invalid.

Here to explain, anonymous access to the folder is the site configuration allows anonymous access in the case of anonymous users logged in to the folder, the content of the folder is open to anonymous users.

Similarly, we need to prepare three server Server01 (domain control), Server02 (IIS), server03 (client). The specific experimental steps are as follows:

First we will install the FTP server on the SERVER02, select Server Manager to add roles and features, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image002 "border=" 0 "alt=" clip_ image002 "src=" http://s3.51cto.com/wyfs02/M02/6D/8F/wKioL1Vmj2TyUIJVAAEQ1-FZGio120.jpg "height=" 307 "/>

Next, check the FTP server in the Web server (IIS) and click Next.

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image004 "border=" 0 "alt=" clip_ image004 "src=" http://s3.51cto.com/wyfs02/M00/6D/8F/wKioL1Vmj2jjH8hoAAFqit-QlHA118.jpg "height=" 402 "/>

Click "Next" to proceed,

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image006 "border=" 0 "alt=" clip_ image006 "src=" http://s3.51cto.com/wyfs02/M01/6D/8F/wKioL1Vmj2ii59DeAAESL7j3Kw8965.jpg "height=" 398 "/>

Next, click on "Install", such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image008 "border=" 0 "alt=" clip_ image008 "src=" http://s3.51cto.com/wyfs02/M01/6D/93/wKiom1VmjdbhkCuuAAD-sdj6-zQ092.jpg "height=" 407 "/>

After installing the FTP service, we want to create a new user on the FTP server, for demonstration convenience, I use the command directly to operate, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image010 "border=" 0 "alt=" clip_ image010 "src=" http://s3.51cto.com/wyfs02/M02/6D/93/wKiom1VmjdfwZQFCAAEco6Pwd2s510.jpg "height=" 389 "/>

Next, create the site home directory ftproot, user directory LocalUser, the anonymous Access folder must be public, note: The directory name must be identical to the user name. Such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image012 "border=" 0 "alt=" clip_ image012 "src=" http://s3.51cto.com/wyfs02/M00/6D/93/wKiom1VmjdrQDz0qAADEPr-3CZ4622.jpg "height=" 197 "/>

Next, we open IIS Manager, select Web site--right--Add an FTP site, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image014 "border=" 0 "alt=" clip_ image014 "src=" http://s3.51cto.com/wyfs02/M01/6D/93/wKiom1VmjdrwtbpgAAFDP1FEI7o076.jpg "height=" 298 "/>

Next, we named the site as FTPRoot, the physical path to fill in the site root directory we created, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image016 "border=" 0 "alt=" clip_ image016 "src=" http://s3.51cto.com/wyfs02/M02/6D/8F/wKioL1Vmj2yxsq9rAAC2XMRgXuw725.jpg "height=" 470 "/>

Next, we bind the IP,FTP port number of the IP,FTP server by default to 21,ssl select None, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image018 "border=" 0 "alt=" clip_ image018 "src=" http://s3.51cto.com/wyfs02/M02/6D/8F/wKioL1Vmj2yRlDnDAAENjehGol4558.jpg "height=" 480 "/>

Next, select Basic Authentication, read (write) permissions to all users according to the requirements, click Finish, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image020 "border=" 0 "alt=" clip_ image020 "src=" http://s3.51cto.com/wyfs02/M00/6D/8F/wKioL1Vmj23DrCi_AADq55eckBU661.jpg "height=" 494 "/>

After we add the FTP site, we will start to create user isolation, first we click on the site FTPRoot, click FTP user Isolation, double-click Open, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image022 "border=" 0 "alt=" clip_ image022 "src=" http://s3.51cto.com/wyfs02/M02/6D/93/wKiom1VmjdyhpW8RAAFQZCgRCmg078.jpg "height=" 305 "/>

Next, select the User name directory (disable global virtual directory) option and click Apply, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image024 "border=" 0 "alt=" clip_ image024 "src=" Http://s3.51cto.com/wyfs02/M01/6D/93/wKiom1VmjdzCwRHKAAEo_pRb6og970.jpg "height=" 304 "/>

The above basically completed the user isolation operation, the following we came to SERVER03 (client) machine to verify that access is effective.

In the SERVER03 Explorer input Ftp://192.168.1.102/panpan Access Panpan folder, the following login authentication will appear, we enter the corresponding user name password, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image026 "border=" 0 "alt=" clip_ image026 "src=" http://s3.51cto.com/wyfs02/M02/6D/8F/wKioL1Vmj27BxKT1AAGVZrVpWrI724.jpg "height=" 397 "/>

After authentication, we can access the contents, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image028 "border=" 0 "alt=" clip_ image028 "src=" http://s3.51cto.com/wyfs02/M00/6D/8F/wKioL1Vmj27yZu3sAAB9Om9RwTA702.jpg "height=" 149 "/>

Next we use other users to log in to access the Panpan folder to see if it will be successful, enter another user's account and password, such as:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image030 "border=" 0 "alt=" clip_ image030 "src=" http://s3.51cto.com/wyfs02/M01/6D/8F/wKioL1Vmj26R7w6IAAGf0GZIQLA815.jpg "height=" 402 "/>

After entering the user name password, the following dialog box prompts us to not have permission to access the file, verifying that our user isolation operation has been successful ~~~!

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image032 "border=" 0 "alt=" clip_ image032 "src=" http://s3.51cto.com/wyfs02/M02/6D/8F/wKioL1Vmj27AAwegAADqAXuRuKU548.jpg "height=" 255 "/>

Next we want to connect the FTP server, run Ftp--open 192.168.1.102 (FTP server ip+ port number) on the command line, we can log on to the FTP server, download (because the previous permission is set to read-only, so only download operation) files and so on As shown in the following:

650) this.width=650; "Style=" background-image:none;border-bottom:0px;border-left:0px;padding-left:0px; padding-right:0px;border-top:0px;border-right:0px;padding-top:0px; "title=" clip_image034 "border=" 0 "alt=" clip_ image034 "src=" http://s3.51cto.com/wyfs02/M02/6D/93/wKiom1Vmjd2xPwJLAAGkXSCTqX0655.jpg "height=" 388 "/>

The above we deployed the user isolation site has been completed, the steps of the experiment is more detailed, we can also conduct experiments ah, thank you to watch, what is the ~~~~!!!

This article is from the "Days together with it" blog, so be sure to keep this source http://yuanquan.blog.51cto.com/9996673/1655897

Deploying user-Isolated FTP sites for Windows server2012

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.