Randy, I'm actually very interested in what you found here. Are the drives you're storing the data on local to the FTP server or are they remove on another server (a file share somewhere)?
In my implementation, the WS_FTP Server is a front end to another process. Users upload files to the server which actually stores them on a remote filestore where another process picks up the files and processes them. Unfortunately, WS_FTP Server does not understand UNC paths (ala \\Server1\fileshare-name) so you have to use drive letter mappings (ala F:\) for connectivity to the remote share. Well, drive mappings only exist when a user is logged on and they exist within the users's context. This means that for my WS_FTP server to be able to see my remote filestore I have to have a user logged onto the console 24x7 -- and make sure no one logs the user off. If the user is logged off, the drive mapping disappears and poof -- no upload capability. IpSwitch has been promising me for 2 releases that they would implement UNC's but, alas, they have not. If anyone has found otherwise, please reply to this thread. If you want to be as "safe" as possible, I would NOT run your WS_FTP server under the local system account. Create a new account with limited permissions and access to only the specific filesystem locations necessary. That way, god forbid, if an exploit was discovered in WS_FTP and someone was able to hijack permissions or execute code under the WS_FTP Server process they would be running within a limited access account as opposed to the SYSTEM account. Just my $0.02. Good luck, Pete -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Randy Pearson Sent: Thursday, April 29, 2004 12:10 PM To: [EMAIL PROTECTED] Subject: RE: [WS_FTP Forum] Users Cannot Upload Pete, Thanks. That got me in the right direction. There is no specific user, so I assume it runs under the local SYSTEM account. When I checked, this account indeed did not have rights. Adding SYSTEM to the affected ACLs did the trick! Secondary questions: 1. Is this normal for SYSTEM not to have rights? I would think this could cause lots of other services to encounter problems. I'm surprised my server would be set up that way. 2. I don't recall an option to create a specific account for WS_FTP Server. Should I do this instead and run the service that way? What are others doing in this area? -- Randy > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Pete Simpson > Sent: Thursday, April 29, 2004 12:06 PM > To: [EMAIL PROTECTED] > Subject: RE: [WS_FTP Forum] Users Cannot Upload > > Keep in mind that while the users are connecting to the > WS_FTP Server and they need a user account in WS_FTP and > WS_FTP server permissions, the file is actually written to > the hard disk or remote disk storage as the User that the > WS_FTP server process is running under. Make sure THAT user > has the proper NTFS permissions. The OS / NTFS has no idea > that the file is coming from "John Doe", as far as it knows > the file is being written by your "WS_FTP Server User" account. > > Pete > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Randy Pearson > Sent: Thursday, April 29, 2004 10:42 AM > To: [EMAIL PROTECTED] > Subject: RE: [WS_FTP Forum] Users Cannot Upload > > > Thanks Gary, but that doesn't seem like the problem. First, I > checked the > NTFS folders/files and the users that were connecting had > sufficient rights. > I even elevated them to full permissions with no success. > Also, one of the > users is a local administrator and even this person cannot upload. > > -- Randy > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Carmichael, Gary (STL) > > Sent: Thursday, April 29, 2004 9:33 AM > > > > Randy, > > > > It sounds like the NTFS permissions on the folder are > incorrect. You > > may have the permissions set in WS_FTP Server, but I > believe you also > > have to have the NTFS permissions on the folders since you > > are using NT > > accounts. That is why the FAT32 folder works, because there are no > > permissions to set. > > > > Gary > > > > > > -----Original Message----- > > From: Randy Pearson [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, April 28, 2004 5:33 PM > > > Hi, > > > > We recently installed WS_FTP Server on a W2K Server box and > > are having a > > problem getting users the ability to upload. In summary: > > > > a) created 5 folders and corresponding virtuals > > b) 4 of these point to locations on an NTFS volume, and one > to a FAT32 > > volume > > c) WS_FTP server configured to use Windows (NT) accounts > > d) in Folder Permissions, added a few of our users and gave them all > > permissions (R W D Rn L) > > > > Results: > > > > 1) For the 4 folder on NTFS, our users can log into the FTP > server and > > see/download files; but none of the users can upload! When > > using WS_FTP > > as the client, we're seeing a 552 error. The docs seem to > > indicate this > > is a quota issue, but I have not set any quotas. > > > > 2) The one folder on FAT32 works fine. > > > > So the difference seems to be permissions, but I've even > > tried this with > > administrator level users and they cannot upload (or rename). > > > > Any help appreciated! > > > > -- Randy > > > Please visit http://www.ipswitch.com/support/mailing-lists.html > to be removed from this list. > > > An Archive of this list is available at: > http://www.mail-archive.com/wsftp_forum%40list.ipswitch.com/ > > > http://www.realmed.com/legal/confidential.htm > > Please visit http://www.ipswitch.com/support/mailing-lists.html > to be removed from this list. > > > An Archive of this list is available at: > http://www.mail-archive.com/wsftp_forum%40list.ipswitch.com/ > Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/wsftp_forum%40list.ipswitch.com/ http://www.realmed.com/legal/confidential.htm Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/wsftp_forum%40list.ipswitch.com/
