PDA

View Full Version : Creating a standard FTP Server user and sandboxing in them in virtual shares




wyattbiker
Mar 18, 2010, 11:30 AM
Can I create a Standard user (not an admin) whom I can give access to certain shares through the Mac OS X Server Snow FTP Server? When I try to FTP through Cyberduck, it does not allow them to login. If I change it the user to admin, I can FTP into that user but then he has access to all the folders on my server even though I have setup virtual shares in the FTP. Is there some trick to block the user from viewing the full server and sandboxing them to virtual shares that I have setup?

I have been trying to figure this one out but I am dead in the water. I ended for now using CrushFTP which is a fantastic FTP server but still would like to know if the FTP Server supplied with Mac OS X Server Snow can do this because I prefer to use the integrated if they do what I need.

I looked through the manuals but couldn't understand whether this is doable. Any doc pointers that describes this would be appreciated.



JGruber
Mar 18, 2010, 12:14 PM
Can I create a Standard user (not an admin) whom I can give access to certain shares through the Mac OS X Server Snow FTP Server? When I try to FTP through Cyberduck, it does not allow them to login. If I change it the user to admin, I can FTP into that user but then he has access to all the folders on my server even though I have setup virtual shares in the FTP. Is there some trick to block the user from viewing the full server and sandboxing them to virtual shares that I have setup?

I have been trying to figure this one out but I am dead in the water. I ended for now using CrushFTP which is a fantastic FTP server but still would like to know if the FTP Server supplied with Mac OS X Server Snow can do this because I prefer to use the integrated if they do what I need.

I looked through the manuals but couldn't understand whether this is doable. Any doc pointers that describes this would be appreciated.
In short, yes it is possible, we are doing for about 182 or so kids at school. I'll have to write up a doc on how to do it the right way, I'll post when I have finished it.

wyattbiker
Mar 18, 2010, 04:05 PM
In short, yes it is possible, we are doing for about 182 or so kids at school. I'll have to write up a doc on how to do it the right way, I'll post when I have finished it.

Looking forward to it.

Thanks.

wyattbiker
Mar 25, 2010, 11:49 AM
In short, yes it is possible, we are doing for about 182 or so kids at school. I'll have to write up a doc on how to do it the right way, I'll post when I have finished it.

Anything new on the docs :)

ehemmete
Mar 31, 2010, 02:34 PM
The way I have done this in the past is to set the FTP service to only show home folders. In the FTP setting in Server Admin, under the Advanced tab you can change Authenticated users see: and set it to Home Folder Only. Then when they log in, they are locked in their home folder. You can even remove the standard Desktop, Documents, Downloads, etc... if they are only connecting over FTP.