Home Directory
The last FTP property sheet discussed here is on the Home Directory tab. Each FTP site requires a home directory. When a user connects to an FTP site, that user lands in the physical directory designated as the FTP site directory on the Home Directory tab of the Home Directory properties sheet. See Figure 6.5 if you need to review this property sheet.
Figure 6.5. FTP sites are associated with a physical directory on the Home Directory property sheet.
This section discusses the difference between local and remote directories, types of access to the FTP site, and directory listing styles.
Local versus Remote
The FTP site directory can either be local or remote. If local, the physical directory exists on the same computer as Internet Information Services and is identified by selecting the radio button for A directory located on this computer. If remote, the physical directory exists on a different computer, either on the same subnet or on a remote subnet, and is identified by selecting the radio button For a share located on another computer.
As simple as it is to configure local directories, it can be just as complex to configure remote directories. After it's indicated that the FTP home directory is located on a remote computer, new options will appear on the Home Directory property sheet. Notice the changes to Home Directory tab, as indicated in Figure 6.6.
Figure 6.6. Remote virtual directories require a URL to locate it and an account to connect with.
The FTP service attaches to remote directories by using a standard NetBIOS connection. The remote computer can be running Windows NT, Windows 2000, Windows 9x, or even SAMBA on Linux. Because of the NetBIOS connection, the computer running the FTP service must have the Workstation service enabled, and the remote computer with the physical directory must have the Server service enabled. Additionally, the remote physical directory must be sharedfrom the remote computer, and appropriate permissions must be configured on both the share and within NTFS.
So what are appropriate permissions? The two options that are unique to a remote home directory are a Network Share box and a Connect As. . . button. The computer running the FTP service will connect to the remote home directory by using this Windows 2000 account and the remote share. So, you must configure this Windows 2000 account with a minimum of read permissions both in NTFS and on the share. Figure 6.7 displays results of the Connect As. . . button.
Figure 6.7. The FTP server must log in to a computer that contains a remote directory.
Any access to the data in the remote home directory is granted to the Windows 2000 account specified in the Connect As. . . dialog box. Because the connection is established only once, when the FTP service is started for the site, all access to this directory is in the context of the specified user. So, NTFS cannot be used to configure different permissions for different users. Figure 6.8 diagrams the logical connection from the FTP server computer to a computer that houses a remote directory.
Figure 6.8. The FTP service requires a user context to logon to a computer housing a remote directory.
Access Permissions
The directory permissions assigned from the Home Directory tab of the FTP site property sheet apply to every connection made to the FTP site. This includes both anonymous and nonanonymous connections. So, suppose that you want most users to connect to an FTP site with an anonymous connection and obtain read permissions, but you need the Web master to FTP to the site as a nonanonymous user and obtain both read and write access. In this case, you must select both the "Read" and "Write" check boxes.
The problem with this scenario is that now all connections will obtain read and write permissions to the directory. How do you secure the files from the anonymous users? With NTFS permissions! You could configure the NTFS permissions for the Web master's nonanonymous account to change, and the NTFS permissions for the anonymous user account to read.
Directory Listing Style
It might seem surprising that Microsoft, the maker of MS-DOS, defaults to the UNIX directory style listing. Well, it shouldn't surprise you. For years, the predominant operating system on the Internet was UNIX. So, if you want your FTP directory listing to be readable by the widest range of clients, leave the directory listing style as UNIX.
However, the MS-DOS directory style listing does, offer some advantages. It provides more information than the UNIX directory listing. The tradeoff is that MS-DOS listing supports only 8.3 filenames.
Whether you use the UNIX or MS-DOS directory style listing, visitors to your site can generate a directory listing by typing either ls or dir at the FTP prompt.
The ls command generates a simple list of files and directories, as follows:
ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for file list. chapter3.doc new_util.zip technote.doc 226 Transfer complete. 43 bytes received in 0.01 seconds (4.30 Kbytes/sec)
The dir command generates a more detailed list:
ftp> dir 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls. -rwxrwxrwx 1 owner group 279449 Mar 31 8:28 chapter3.doc -rwxrwxrwx 1 owner group 1960359 Oct 21 1997 new_util.zip -rwxrwxrwx 1 owner group 3333 May 5 17:05 technote.doc 226 Transfer complete. 220 bytes received in 0.03 seconds (7.33 Kbytes/sec)
The most important thing to note is that only physical files and directories are contained in the list. Physical files and directories exist within the FTP site directory on the hard drive, either as files or as subdirectories. In contrast, virtual directories exist either within a different directory on the hard drive or on another server altogether. Virtual directories are configured by adding new virtual directories to the current FTP virtual server.