NTFS Partition
The first thing you need is an NTFS
partition. You can still setup an FTP server without NTFS, however
you won't be able to restrict who has access to your FTP server.
i.e. you'll have any Billy downloading off you.
You can convert a drive to NTFS in
Windows XP (and maybe 2000) by typing
convert driveletter /fs:ntfs
Where drive letter is the letter of the
drive followed by : e.g. "c:"
NOTE: If this drive is accessed
by any operating system other than Windows 2000/XP do not convert it -
Windows 98/ME can't access NTFS partitions.
If you do not have or cannot create an
NTFS drive, click here.
Installing IIS
Go to Add/Remove Programs - Windows
Components from Control Panel. Put a tick in "Internet Information
Services" and then double-click it. Put a tick in "File Transfer
Protocol (FTP) Service).
Click OK, and again, you may need your
Windows 2000/XP CD to install it.
The User Group
Go to Administrative Tools > Computer
Management > Local Users and Groups > Groups. Right-click > New
Group. Set the group name to IIS User.
Adding the Users
Go up to users and add a new user
account. You will need to specify a username and password.
Untick "User must change password at
next logon" and tick "User cannot change password" and "Password never
expires".
Click "Create" and then "Close".
Right-click the new user and select
"Properties". Under the "Member of" tab, remove "Users", click Add
and type IIS User. This stops you having to modify each user's
rights to your server, you can just change the groups.
I'm Not a Cripple!!!
Windows XP Users Only:
Windows XP uses simple file sharing for those dumb smuchs who spend
all day at the clinic - you need to disable this. Load Windows
Explorer, from the menu choose Tools > Folder Options and go to the View
page. At the bottom of the list remove the tick from "Use simple
file sharing (recommended)".
If you don't do this you will not get the
security tab in drive/folder properties.
Setting the Drive/Folder
Next up, go to the drive or folder it
is you want as the root to your FTP server. Right-click it and
select Properties. On the security tab, click Advanced and remove
"Inherit from parent the permission..." and click OK.
Under the "Group or user names:"
section make sure you have:
- Your login (full permissions)
- IIS User (Read-only permissions)
- SYSTEM (full permissions)
If you do not have yourself and the
SYSTEM in there, you will not be able to access the folder, and nor will
Windows.
If "Everyone" is in the list, remove it
or any person will be able to access your server.
Setting Up IIS
From Administrative Tools, choose IIS
(Internet Blah Blah). Double-click FTP Sites and right-click
Default FTP Site, selecting "Properties".
Under "Security Accounts" untick "Allow
Anonymous Connections". You will be warned about unsecured
passwords being transmitted, just say "Yes".
Under "Messages" you can enter messages
for people coming to your server, I've only ever seen these displayed
once and that was in Windows 2000.
The final page - "Home Directory", set
the local path to the folder you want to share (this is the folder you
setup earlier). And tick Read, Write and Log Visits.
NOTE: You don't have to
select write, but if you want read-write access to the FTP server then
you will need it selected. Provided you selected IIS Users to have
read-only permissions they will not be able to modify it.
And that is it...Done.
Testing the Server
Your FTP server can be found by going
to ftp://youripaddress you can find your IP address in the FTP
Properties page under "FTP Site" and IP "Address". Test accessing
it under the different logins i.e. your own and one of ours, put an
empty text document up and try to delete it with an IIS User login.
You should get "Access is Denied".
Private Folders
If you want to setup a read-write
private folder for you only, create the folder, and right-click select
"Properties". On the Security tab click "Advanced" and untick
"Inherit...", click OK. Remove IIS User from the groups or users
list. You will need your Windows login to access this folder with
read-write permissions.
|