Hi,
ich hatte das selbe Problem, und bin tatsächlich auf den Seiten von Microsoft auf die Lösung gestoßen:
--------------------------------------------------
Isolate Users Using Active Directory Mode
In the Isolate users using Active Directory mode, the FTP service is integrated with Active Directory to retrieve home directory information for users. To accomplish this integration, the Active Directory user object is extended with two properties: msIIS-FTPRoot and msIIS-FTPDir. The msIIS-FTPRoot property stores the file server share, and the msIIS-FTPDir property stores the relative physical path to the home directory for each user. You can use Iisftp.vbs to get and set these properties.
Information that is frequently retrieved from Active Directory is cached by the FTP service. The default caching interval is 10 minutes. You can adjust the caching interval by editing the registry entry DsCacheRefreshSecs.
Caution
Do not edit the registry unless you have no alternative. The registry editor bypasses standard safeguards, allowing settings that can damage your system or even require you to reinstall Windows. If you must edit the registry, back it up first and see the Registry Reference on the Microsoft® Windows® Server 2003 Resource Kit companion CD or at .
If the FTP service successfully accesses the path, it becomes the home directory for the user. The user cannot access the file system outside this directory. The user is denied access if either the msIIS-FTPRoot or msIIS-FTPDir property does not exist, or if the resulting home directory cannot be accessed.
This configuration option provides maximum flexibility and control over user home directories in an ISP environment. For example, John Doe connects to his FTP site at ftp.example.com. The example.com network load-balancing server (NLBS) resolves this request to the server FTPS3. John Doe enters the user name JohnDoe. FTPS3 is configured with the default domain name Domain4, so the user Domain4\JohnDoe is authenticated and the home directory information for John Doe is retrieved from Active Directory as \\FS1\Share2\Users\u2\johndoe_dir. From now on, FTPS3 will access the data under this home directory for all the FTP requests from John Doe. This example is illustrated in Figure 8.1.
Figure 8.1 FTP User Isolation Example: Isolate Users by Using Active Directory Mode
User Home Directories
In the Isolate users using Active Directory mode, each user's home directory resides on an arbitrary network path, which provides you with the flexibility to distribute user home directories across multiple servers, volumes, and directories. In addition, you can move user's home directories transparently from one location to another, which affects the service for the users only during the duration of the move. You can also set the msIIS-FTPRoot and msIIS-FTPDir properties so that the users home directory maps to a local folder on the FTP server; for example, msIIS-FTPRoot is set to E:\FTPUsers.
Configuring Isolate Users Using Active Directory Mode
There are three main steps to configuring the Isolate users using Active Directory mode:
• Configure the file servers.
• Configure Active Directory.
• Create and configure the FTP sites to be isolated.
When you configure the file servers, you must create the shares and user directories for all the users that are permitted to connect to the FTP service, including the user configured to impersonate anonymous users. Before you complete this step, consider factors such as expected disk space usage, storage management, and network traffic.
To configure Active Directory, you need a server running Windows Server 2003, Standard Edition, and Active Directory. Configure the user object in Active Directory for each user, including the user configured to impersonate the anonymous user, by setting the msIIS-FTPRoot and msIIS-FTPDir properties to point to the home directories that you previously created. You can do this by using the Iisftp.vbs command-line utility with the /SetADPropcommand. To learn more about setting up Active Directory, see Active Directory in Help and Support Center for Windows Server 2003.
For information about working with FTP sites with Isolate users using Active Directory mode, see Creating a New FTP Site with Isolate Users Using Active Directory Mode, Enabling Anonymous Access for a FTP Site Configured with Isolate Users Using Active Directory Mode, and Converting an Existing FTP Site to Isolate Users Using Active Directory Mode.
---------------------------------------
Kompletter Artikel unter:
http://www.microsoft.com/technet/pro...4198819d4.mspx
Hast du FTPDir relativ zu FTPRoot angegeben?
Weiß jemand, warum man überhaupt FÜR JEDEN BENUTZER ein FTPRoot angibt?
Ich hoffe, ich konnte ein bisschen weiterhelfen!
Ähnliche Themen
IIS6.0 FTP Server - Benutzerisolation über AD -
19.06.2004, 17:30
und ich weiß nicht wieso 
20.06.2004, 21:23
)
