Microsoft KB Archive/164091

= FTP Permissions for File GET and PUT =

Article ID: 164091

Article Last Modified on 6/22/2005

-

APPLIES TO


 * Microsoft Internet Information Server 2.0

-



This article was previously published under Q164091



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SUMMARY
This article describes the permissions to set on directories and files for an FTP GET and an FTP PUT commands. The following has been tested on Microsoft Windows NT Server version 4.0 and Internet Information Server (IIS) version 2.0 and works only on NTFS partitions. The following uses the anonymous user with the default IUSER_hostname account created by IIS.



MORE INFORMATION
For an anonymous user to GET any files from your FTP server the minimum permission required is READ on the directory and all the subdirectories and files below the directory. Without this permission the anonymous user will not be able to GET a file even if he or she knows the name of the file. The user has to be able to browse through the directories to GET the file he or she would need.

The following steps lists how to set these permissions:


 * 1) Click the NTFS drive.
 * 2) Select the folder you want to set the permissions on.
 * 3) Right click the folder, and click Properties.
 * 4) Click the Security tab and in the Permissions box, click Permissions.
 * 5) Select Special Directory Access and Special File Access from the drop down box Type of Access, and select the type of access you want to set by selecting Other and checking all options that apply.
 * 6) Select Read as one of your options. This is required.

For users to PUT files into directories or subdirectories they do not need Read permission on them. In other words they do not have to browse the directory to PUT files into it. The permission they would need is Write and if they know the name of the directory to PUT files into they can do it successfully without the READ permission.

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

142868 IIS: Authentication and security features

Additional query words: iis

Keywords: kbinfo KB164091

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.