Hello,

we have the following scenario:

IIS 6.0 on Windows 2003

Web-Directory and ftp-Directory use the same physical ntfs folder.

For one user (Active Directory) we have a a secure web appliation (SSL) to
upload/download documents (the NTFS permission for the AD user must be set
probably on this directory).

The problem: The same user could use ftp to download the file unsecure.

How to "block" this specific user to use ftp?

Hi,

Make the folder a virtual directory that is not located under the physical
web root. Do not add it as a virtual directory under your FTP server.

Cheers
Ken


"Thomas Kofler" <ThomasKofler [at] discussions.microsoft.com> wrote in message
news:2F2E404C-CB10-46B8-97F1-33BAEA0AC0B2 [at] microsoft.com...
> Hello,
>
> we have the following scenario:
>
> IIS 6.0 on Windows 2003
>
> Web-Directory and ftp-Directory use the same physical ntfs folder.
>
> For one user (Active Directory) we have a a secure web appliation (SSL) to
> upload/download documents (the NTFS permission for the AD user must be set
> probably on this directory).
>
> The problem: The same user could use ftp to download the file unsecure.
>
> How to "block" this specific user to use ftp?