FTP server configuration and management (3) user authentication and permission management

In the previous blog, we have created an FTP site and successfully accessed the FTP server as an anonymous user on the client. In addition to anonymous users, can we access them as other users? The answer is yes, and we can assign different permissions to different users. For example, anonymous users only have the download permission, while authenticated users can grant the upload permission.

First, ensure that "Basic Authentication" has been enabled in "FTP authentication", so that we can access the FTP site with the identity of a local user or a domain user.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/1U613F07-0.jpg "/>

Next, create a local user named admin on the FTP server, and then try to use it to log on to the client. If you access the FTP site using Windows Resource Manager of IE browser on the client, anonymous users are automatically logged on by default. To switch users, right-click in the blank area of the window, then run the "login" command to enter the corresponding user for authentication.

650) this. width = 650; "border =" 0 "alt =" "src =" http://img1.51cto.com/attachment/201304/204428631.jpg "/>

We can also log on with a domain user, for example, using a coolpen \ lisi user.

However, both the local user and the domain user have the same permissions as anonymous users. They only have the download permission and cannot upload files. If you want them to have the upload permission, further settings are required.

In the IIS manager of the FTP server, open "FTP Authorization Rules" and click "add allow rules" to assign read and write permissions to the admin user.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/1U613IM-2.jpg "/>

Assign the read and write permissions to the domain group "renshi.

 

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/1U6131223-3.jpg "/>

After the settings are complete, we will test on the client. However, you will find that no one has the write permission, regardless of the local user admin or the member coolpen \ lisi in the domain group "renshi. This is because the FTP server permission settings are combined with the NTFS permission, that is, we must not only assign permissions to specified users in the IIS manager, you also need to set the NTFS permission for the FTP site home directory.

Return to the FTP server, set the NTFS permission for the site home directory C: \ inetpub \ ftproot, and assign the modification permission to the admin user and renshi group.

650) this. width = 650; "border =" 0 "alt =" "src =" http://www.bkjia.com/uploads/allimg/131227/1U6134101-4.jpg "/>

At this time, the client accesses the database again with the corresponding user, and the write permission is granted.

If only the specified user is allowed to access the FTP site, but anonymous access is not allowed, you only need to disable anonymous authentication in "FTP authentication.

In addition, if you want to restrict the user's upload space, you can set the disk quota or quota management. This is also described in the previous file server section. See blog http://80821.blog.51cto.com/70821/1168982 for details.

This article is from the "one pot of turbidity wine" blog. For more information, please contact the author!