So, the problem I faced was that I was trying to set up the IIS ftp service to handle multiple users. However, in its User Isolation mode and with using Local users, the IIS expects the folders to be named “LocalUser\username” within the ftp-root. It’s not difficult to set that up, if you have a clean installation.
The problem was that we had an existing infrastructure in place, where the folders were named c:\inetpub\user01, c:\inetpub\user02…, etc. So it was impossible to add a directory structure that the IIS would recognize as the users’ home folders.
We tried accomplishing that using Virtual Directories, but for some reason, IIS failed to recognize them when we tried to add two virtual folders in succession (one LocalUser virtual folder, and then “user01″, “user02″ virtual folders beneath that).
Ultimately, the solution we found was to use NTFS junctions, using the SysInternals junction utility.
By creating a folder “LocalUser” within the ftproot directory, and adding junction points under that, we were able to create a directory structure that accommodated our setup. It looks like this:
c:\\InetPub
+ ftproot
+ LocalUser
- user01 -> ..\\..\\user01
- user02 -> ..\\..\\user02
- user01
- user02
This means that users can be added to or deleted from the ftp service simply by using junctions. Moreover, it means that we don’t have to use the IIS administrator utility to do that, but can script it using conventional bat files (and without using the iisftp tool either).
Provided that using junctions doesn’t open the system up to any security vulnerabilities (which I haven’t found so far), this is (I think) a very neat setup.
Wow! Soft links. What an invention. ;-)
Do you really need a 3rd party utility to do that?
man ln
Unless I want to install the Windows Resource Kit, yes.
By the way, cygwin ln doesn’t always seem to work with NTFS. SysInternals’ junction works much better.
It’s a wicked world.