Professional Web Applications Themes

mapping to users home directory - ASP

I am trying to write an asp or aspx page that will create a virtual ftp directory to the users Active Directory home directory. That way a user can interact (drag/drop, copy/paste) via IE with folder view for ftp sites. I have some code, that seems to be "flaky" it works for me and some others, but not everyone. I really need to get a stable version. My asp code is below. Having it in ASP is fine, but it would be a bonus to have a solid ASPX (ASP.net) solution. There is one issue I have ran into that ...

  1. #1

    Default mapping to users home directory

    I am trying to write an asp or aspx page that will create
    a virtual ftp directory to the users Active Directory
    home directory. That way a user can interact (drag/drop,
    copy/paste) via IE with folder view for ftp sites.

    I have some code, that seems to be "flaky" it works for
    me and some others, but not everyone. I really need to
    get a stable version. My asp code is below. Having it
    in ASP is fine, but it would be a bonus to have a solid
    ASPX (ASP.net) solution.

    There is one issue I have ran into that is pretty
    annoying, and I am not sure if it can be fixed or not and
    that is the security of the virtual directory and file.
    I would prefer that when the user is at work on the
    network and logged in with their AD account that they
    would not be challenged to authenticate, but I could not
    get the "request.ServerVariables("AUTH_PASSWORD")" method
    to work unless Basic Authentication is used, requiring
    the user to login. I do not know if this can be avoided
    in ASP.net, but if I can use an aspx page that can get
    the password without having to decrypt or whatever that
    would be ideal. Anyway, here is the code I have:
    ----------------------------------------------------------
    -------------------------
    <%

    strFullUserName = request.ServerVariables("AUTH_USER")
    strUserPass = request.ServerVariables("AUTH_PASSWORD")
    strWebServer = request.ServerVariables("SERVER_NAME")
    strWebServerIP = request.ServerVariables("LOCAL_ADDR")

    'Split domain and username

    strUserDomain = strFullUserName
    strUserDomain = Mid (strFullUserName, 1, Instr
    (strFullUserName, "\")-1)
    strUserDomainLength = len(strUserDomain)
    strFullUserNameLength = Len(strFullUserName)
    strUserName = Right (strFullUserName,
    strFullUserNameLength - strUserDomainLength -1)

    Set objUser = GetObject("WinNT://" & strUserDomain & "/"
    & strUserName, user)
    strUserHome = objUser.homeDirectory

    strVD = "ftp://" & strWebServer & "/"


    On Error Resume Next

    Set IISOBJ = GetObject
    ("IIS://Localhost/MSFTPSVC/1/Root")
    Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    strUserName)

    Error.Number = 0


    NewDir.Path = strUserHome
    NewDir.AccessRead = True
    NewDir.AccessWrite = True
    NewDir.UNCUserName = strfullUserName
    NewDir.UNCPassword = strUserPass
    NewDir.SetInfo
    Set NewDir=Nothing
    Set IISObJ=Nothing
    Response.Redirect( "ftp://testportal" )
    'response.write ("Your P Drive Was Mapped
    Successfully!"& "<a href=""ftp://testportal/"">Click
    Here</a><br>")

    %>
    scmiles Guest

  2. #2

    Default Re: mapping to users home directory

    Connecting to LDAP, IIS, etc. is not going to work for authenticated users
    that are 'peons'... they must be members of certain privilege groups in
    order to create an IIS application; for example, guests and domain users do
    not have this privilege.

    So, this isn't necessarily that you have flaky code, but that you expect any
    user to be able to create your objects. A possible alternative would be to
    store the data or set some flag in a database, and have a VBS script that
    runs as you or as Administrator, wake up every minute and see if there is a
    user to add; if so, create the stuff. The VBS script would then run as a
    user with enough privileges to create everything you want to create here.
    Of course there would sometimes be a lag of up to a minute, between the time
    the user entered the data via the ASP page, and when the directory was
    actually created and available for use.

    A




    "scmiles" <scmilesnospam-dmacc.edu> wrote in message
    news:0a9601c39283$c4ab5640$a001280aphx.gbl...
    > I am trying to write an asp or aspx page that will create
    > a virtual ftp directory to the users Active Directory
    > home directory. That way a user can interact (drag/drop,
    > copy/paste) via IE with folder view for ftp sites.
    >
    > I have some code, that seems to be "flaky" it works for
    > me and some others, but not everyone. I really need to
    > get a stable version. My asp code is below. Having it
    > in ASP is fine, but it would be a bonus to have a solid
    > ASPX (ASP.net) solution.
    >
    > There is one issue I have ran into that is pretty
    > annoying, and I am not sure if it can be fixed or not and
    > that is the security of the virtual directory and file.
    > I would prefer that when the user is at work on the
    > network and logged in with their AD account that they
    > would not be challenged to authenticate, but I could not
    > get the "request.ServerVariables("AUTH_PASSWORD")" method
    > to work unless Basic Authentication is used, requiring
    > the user to login. I do not know if this can be avoided
    > in ASP.net, but if I can use an aspx page that can get
    > the password without having to decrypt or whatever that
    > would be ideal. Anyway, here is the code I have:
    > ----------------------------------------------------------
    > -------------------------
    > <%
    >
    > strFullUserName = request.ServerVariables("AUTH_USER")
    > strUserPass = request.ServerVariables("AUTH_PASSWORD")
    > strWebServer = request.ServerVariables("SERVER_NAME")
    > strWebServerIP = request.ServerVariables("LOCAL_ADDR")
    >
    > 'Split domain and username
    >
    > strUserDomain = strFullUserName
    > strUserDomain = Mid (strFullUserName, 1, Instr
    > (strFullUserName, "\")-1)
    > strUserDomainLength = len(strUserDomain)
    > strFullUserNameLength = Len(strFullUserName)
    > strUserName = Right (strFullUserName,
    > strFullUserNameLength - strUserDomainLength -1)
    >
    > Set objUser = GetObject("WinNT://" & strUserDomain & "/"
    > & strUserName, user)
    > strUserHome = objUser.homeDirectory
    >
    > strVD = "ftp://" & strWebServer & "/"
    >
    >
    > On Error Resume Next
    >
    > Set IISOBJ = GetObject
    > ("IIS://Localhost/MSFTPSVC/1/Root")
    > Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    > strUserName)
    >
    > Error.Number = 0
    >
    >
    > NewDir.Path = strUserHome
    > NewDir.AccessRead = True
    > NewDir.AccessWrite = True
    > NewDir.UNCUserName = strfullUserName
    > NewDir.UNCPassword = strUserPass
    > NewDir.SetInfo
    > Set NewDir=Nothing
    > Set IISObJ=Nothing
    > Response.Redirect( "ftp://testportal" )
    > 'response.write ("Your P Drive Was Mapped
    > Successfully!"& "<a href=""ftp://testportal/"">Click
    > Here</a><br>")
    >
    > %>

    Aaron Bertrand - MVP Guest

  3. #3

    Default Re: mapping to users home directory

    An FTP site?? FTP Servers don't do ASP.

    An FTP Server will automatically dump a user into a folder if there is
    a folder that matches their username. Just create a virtual folder
    that is the same folder name as the username. Then point it to
    whatever in the file system location you want it to be. When the user
    logs in as the particular user name it will auotmatically dump them in
    the right folder.

    Example:

    User name: JSmith

    Virtual Directory: JSmith
    Virtual Directory Physical Path: "C:\where\ever\the\files\are\"
    Virtual Directory Logical Path: [url]ftp://servername/jsmith[/url]

    When user connect to it as JSmith they are automatically dumped into
    thier proper folder. It might be their "ROOT" so it may only show up
    as "ftp://servername", but I don't remember for sure. Just have them
    upload a file, then you go look for it and see where it ended up.


    --

    Phillip Windell [CCNA, MVP, MCP]
    [email]pwindellwandtv.com[/email]
    WAND-TV (ABC Affiliate)
    [url]www.wandtv.com[/url]

    "scmiles" <scmilesnospam-dmacc.edu> wrote in message
    news:0a9601c39283$c4ab5640$a001280aphx.gbl...
    > I am trying to write an asp or aspx page that will create
    > a virtual ftp directory to the users Active Directory
    > home directory. That way a user can interact (drag/drop,
    > copy/paste) via IE with folder view for ftp sites.
    >
    > I have some code, that seems to be "flaky" it works for
    > me and some others, but not everyone. I really need to
    > get a stable version. My asp code is below. Having it
    > in ASP is fine, but it would be a bonus to have a solid
    > ASPX (ASP.net) solution.
    >
    > There is one issue I have ran into that is pretty
    > annoying, and I am not sure if it can be fixed or not and
    > that is the security of the virtual directory and file.
    > I would prefer that when the user is at work on the
    > network and logged in with their AD account that they
    > would not be challenged to authenticate, but I could not
    > get the "request.ServerVariables("AUTH_PASSWORD")" method
    > to work unless Basic Authentication is used, requiring
    > the user to login. I do not know if this can be avoided
    > in ASP.net, but if I can use an aspx page that can get
    > the password without having to decrypt or whatever that
    > would be ideal. Anyway, here is the code I have:
    > ----------------------------------------------------------
    > -------------------------
    > <%
    >
    > strFullUserName = request.ServerVariables("AUTH_USER")
    > strUserPass = request.ServerVariables("AUTH_PASSWORD")
    > strWebServer = request.ServerVariables("SERVER_NAME")
    > strWebServerIP = request.ServerVariables("LOCAL_ADDR")
    >
    > 'Split domain and username
    >
    > strUserDomain = strFullUserName
    > strUserDomain = Mid (strFullUserName, 1, Instr
    > (strFullUserName, "\")-1)
    > strUserDomainLength = len(strUserDomain)
    > strFullUserNameLength = Len(strFullUserName)
    > strUserName = Right (strFullUserName,
    > strFullUserNameLength - strUserDomainLength -1)
    >
    > Set objUser = GetObject("WinNT://" & strUserDomain & "/"
    > & strUserName, user)
    > strUserHome = objUser.homeDirectory
    >
    > strVD = "ftp://" & strWebServer & "/"
    >
    >
    > On Error Resume Next
    >
    > Set IISOBJ = GetObject
    > ("IIS://Localhost/MSFTPSVC/1/Root")
    > Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    > strUserName)
    >
    > Error.Number = 0
    >
    >
    > NewDir.Path = strUserHome
    > NewDir.AccessRead = True
    > NewDir.AccessWrite = True
    > NewDir.UNCUserName = strfullUserName
    > NewDir.UNCPassword = strUserPass
    > NewDir.SetInfo
    > Set NewDir=Nothing
    > Set IISObJ=Nothing
    > Response.Redirect( "ftp://testportal" )
    > 'response.write ("Your P Drive Was Mapped
    > Successfully!"& "<a href=""ftp://testportal/"">Click
    > Here</a><br>")
    >
    > %>

    Phillip Windell Guest

  4. #4

    Default Re: mapping to users home directory

    For testing purposes, the Everyone group has permissions
    to the create the VD they need in the metabase.
    >-----Original Message-----
    >Connecting to LDAP, IIS, etc. is not going to work for
    authenticated users
    >that are 'peons'... they must be members of certain
    privilege groups in
    >order to create an IIS application; for example, guests
    and domain users do
    >not have this privilege.
    >
    >So, this isn't necessarily that you have flaky code, but
    that you expect any
    >user to be able to create your objects. A possible
    alternative would be to
    >store the data or set some flag in a database, and have
    a VBS script that
    >runs as you or as Administrator, wake up every minute
    and see if there is a
    >user to add; if so, create the stuff. The VBS script
    would then run as a
    >user with enough privileges to create everything you
    want to create here.
    >Of course there would sometimes be a lag of up to a
    minute, between the time
    >the user entered the data via the ASP page, and when the
    directory was
    >actually created and available for use.
    >
    >A
    >
    >
    >
    >
    >"scmiles" <scmilesnospam-dmacc.edu> wrote in message
    >news:0a9601c39283$c4ab5640$a001280aphx.gbl...
    >> I am trying to write an asp or aspx page that will
    create
    >> a virtual ftp directory to the users Active Directory
    >> home directory. That way a user can interact
    (drag/drop,
    >> copy/paste) via IE with folder view for ftp sites.
    >>
    >> I have some code, that seems to be "flaky" it works for
    >> me and some others, but not everyone. I really need to
    >> get a stable version. My asp code is below. Having it
    >> in ASP is fine, but it would be a bonus to have a
    solid
    >> ASPX (ASP.net) solution.
    >>
    >> There is one issue I have ran into that is pretty
    >> annoying, and I am not sure if it can be fixed or not
    and
    >> that is the security of the virtual directory and file.
    >> I would prefer that when the user is at work on the
    >> network and logged in with their AD account that they
    >> would not be challenged to authenticate, but I could
    not
    >> get the "request.ServerVariables("AUTH_PASSWORD")"
    method
    >> to work unless Basic Authentication is used, requiring
    >> the user to login. I do not know if this can be
    avoided
    >> in ASP.net, but if I can use an aspx page that can get
    >> the password without having to decrypt or whatever that
    >> would be ideal. Anyway, here is the code I have:
    >> -------------------------------------------------------
    ---
    >> -------------------------
    >> <%
    >>
    >> strFullUserName = request.ServerVariables("AUTH_USER")
    >> strUserPass = request.ServerVariables("AUTH_PASSWORD")
    >> strWebServer = request.ServerVariables("SERVER_NAME")
    >> strWebServerIP = request.ServerVariables("LOCAL_ADDR")
    >>
    >> 'Split domain and username
    >>
    >> strUserDomain = strFullUserName
    >> strUserDomain = Mid (strFullUserName, 1, Instr
    >> (strFullUserName, "\")-1)
    >> strUserDomainLength = len(strUserDomain)
    >> strFullUserNameLength = Len(strFullUserName)
    >> strUserName = Right (strFullUserName,
    >> strFullUserNameLength - strUserDomainLength -1)
    >>
    >> Set objUser = GetObject("WinNT://" & strUserDomain
    & "/"
    >> & strUserName, user)
    >> strUserHome = objUser.homeDirectory
    >>
    >> strVD = "ftp://" & strWebServer & "/"
    >>
    >>
    >> On Error Resume Next
    >>
    >> Set IISOBJ = GetObject
    >> ("IIS://Localhost/MSFTPSVC/1/Root")
    >> Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    >> strUserName)
    >>
    >> Error.Number = 0
    >>
    >>
    >> NewDir.Path = strUserHome
    >> NewDir.AccessRead = True
    >> NewDir.AccessWrite = True
    >> NewDir.UNCUserName = strfullUserName
    >> NewDir.UNCPassword = strUserPass
    >> NewDir.SetInfo
    >> Set NewDir=Nothing
    >> Set IISObJ=Nothing
    >> Response.Redirect( "ftp://testportal" )
    >> 'response.write ("Your P Drive Was Mapped
    >> Successfully!"& "<a href=""ftp://testportal/"">Click
    >> Here</a><br>")
    >>
    >> %>
    >
    >
    >.
    >
    scmiles Guest

  5. #5

    Default Re: mapping to users home directory

    Please look at my code, this is what I am doing already,
    programatically.
    >-----Original Message-----
    >An FTP site?? FTP Servers don't do ASP.
    >
    >An FTP Server will automatically dump a user into a
    folder if there is
    >a folder that matches their username. Just create a
    virtual folder
    >that is the same folder name as the username. Then point
    it to
    >whatever in the file system location you want it to be.
    When the user
    >logs in as the particular user name it will
    auotmatically dump them in
    >the right folder.
    >
    >Example:
    >
    >User name: JSmith
    >
    >Virtual Directory: JSmith
    >Virtual Directory Physical
    Path: "C:\where\ever\the\files\are\"
    >Virtual Directory Logical Path: [url]ftp://servername/jsmith[/url]
    >
    >When user connect to it as JSmith they are automatically
    dumped into
    >thier proper folder. It might be their "ROOT" so it may
    only show up
    >as "ftp://servername", but I don't remember for sure.
    Just have them
    >upload a file, then you go look for it and see where it
    ended up.
    >
    >
    >--
    >
    >Phillip Windell [CCNA, MVP, MCP]
    >pwindellwandtv.com
    >WAND-TV (ABC Affiliate)
    >[url]www.wandtv.com[/url]
    >
    >"scmiles" <scmilesnospam-dmacc.edu> wrote in message
    >news:0a9601c39283$c4ab5640$a001280aphx.gbl...
    >> I am trying to write an asp or aspx page that will
    create
    >> a virtual ftp directory to the users Active Directory
    >> home directory. That way a user can interact
    (drag/drop,
    >> copy/paste) via IE with folder view for ftp sites.
    >>
    >> I have some code, that seems to be "flaky" it works for
    >> me and some others, but not everyone. I really need to
    >> get a stable version. My asp code is below. Having it
    >> in ASP is fine, but it would be a bonus to have a
    solid
    >> ASPX (ASP.net) solution.
    >>
    >> There is one issue I have ran into that is pretty
    >> annoying, and I am not sure if it can be fixed or not
    and
    >> that is the security of the virtual directory and file.
    >> I would prefer that when the user is at work on the
    >> network and logged in with their AD account that they
    >> would not be challenged to authenticate, but I could
    not
    >> get the "request.ServerVariables("AUTH_PASSWORD")"
    method
    >> to work unless Basic Authentication is used, requiring
    >> the user to login. I do not know if this can be
    avoided
    >> in ASP.net, but if I can use an aspx page that can get
    >> the password without having to decrypt or whatever that
    >> would be ideal. Anyway, here is the code I have:
    >> -------------------------------------------------------
    ---
    >> -------------------------
    >> <%
    >>
    >> strFullUserName = request.ServerVariables("AUTH_USER")
    >> strUserPass = request.ServerVariables("AUTH_PASSWORD")
    >> strWebServer = request.ServerVariables("SERVER_NAME")
    >> strWebServerIP = request.ServerVariables("LOCAL_ADDR")
    >>
    >> 'Split domain and username
    >>
    >> strUserDomain = strFullUserName
    >> strUserDomain = Mid (strFullUserName, 1, Instr
    >> (strFullUserName, "\")-1)
    >> strUserDomainLength = len(strUserDomain)
    >> strFullUserNameLength = Len(strFullUserName)
    >> strUserName = Right (strFullUserName,
    >> strFullUserNameLength - strUserDomainLength -1)
    >>
    >> Set objUser = GetObject("WinNT://" & strUserDomain
    & "/"
    >> & strUserName, user)
    >> strUserHome = objUser.homeDirectory
    >>
    >> strVD = "ftp://" & strWebServer & "/"
    >>
    >>
    >> On Error Resume Next
    >>
    >> Set IISOBJ = GetObject
    >> ("IIS://Localhost/MSFTPSVC/1/Root")
    >> Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    >> strUserName)
    >>
    >> Error.Number = 0
    >>
    >>
    >> NewDir.Path = strUserHome
    >> NewDir.AccessRead = True
    >> NewDir.AccessWrite = True
    >> NewDir.UNCUserName = strfullUserName
    >> NewDir.UNCPassword = strUserPass
    >> NewDir.SetInfo
    >> Set NewDir=Nothing
    >> Set IISObJ=Nothing
    >> Response.Redirect( "ftp://testportal" )
    >> 'response.write ("Your P Drive Was Mapped
    >> Successfully!"& "<a href=""ftp://testportal/"">Click
    >> Here</a><br>")
    >>
    >> %>
    >
    >
    >.
    >
    scmiles Guest

  6. #6

    Default Re: mapping to users home directory

    IUSR_yourmachine is NOT in the everyone group for the domain!!!!!!!



    "scmiles" <anonymousdiscussions.microsoft.com> wrote in message
    news:001001c393ff$cbecc060$a401280aphx.gbl...
    > For testing purposes, the Everyone group has permissions
    > to the create the VD they need in the metabase.
    > >-----Original Message-----
    > >Connecting to LDAP, IIS, etc. is not going to work for
    > authenticated users
    > >that are 'peons'... they must be members of certain
    > privilege groups in
    > >order to create an IIS application; for example, guests
    > and domain users do
    > >not have this privilege.
    > >
    > >So, this isn't necessarily that you have flaky code, but
    > that you expect any
    > >user to be able to create your objects. A possible
    > alternative would be to
    > >store the data or set some flag in a database, and have
    > a VBS script that
    > >runs as you or as Administrator, wake up every minute
    > and see if there is a
    > >user to add; if so, create the stuff. The VBS script
    > would then run as a
    > >user with enough privileges to create everything you
    > want to create here.
    > >Of course there would sometimes be a lag of up to a
    > minute, between the time
    > >the user entered the data via the ASP page, and when the
    > directory was
    > >actually created and available for use.
    > >
    > >A
    > >
    > >
    > >
    > >
    > >"scmiles" <scmilesnospam-dmacc.edu> wrote in message
    > >news:0a9601c39283$c4ab5640$a001280aphx.gbl...
    > >> I am trying to write an asp or aspx page that will
    > create
    > >> a virtual ftp directory to the users Active Directory
    > >> home directory. That way a user can interact
    > (drag/drop,
    > >> copy/paste) via IE with folder view for ftp sites.
    > >>
    > >> I have some code, that seems to be "flaky" it works for
    > >> me and some others, but not everyone. I really need to
    > >> get a stable version. My asp code is below. Having it
    > >> in ASP is fine, but it would be a bonus to have a
    > solid
    > >> ASPX (ASP.net) solution.
    > >>
    > >> There is one issue I have ran into that is pretty
    > >> annoying, and I am not sure if it can be fixed or not
    > and
    > >> that is the security of the virtual directory and file.
    > >> I would prefer that when the user is at work on the
    > >> network and logged in with their AD account that they
    > >> would not be challenged to authenticate, but I could
    > not
    > >> get the "request.ServerVariables("AUTH_PASSWORD")"
    > method
    > >> to work unless Basic Authentication is used, requiring
    > >> the user to login. I do not know if this can be
    > avoided
    > >> in ASP.net, but if I can use an aspx page that can get
    > >> the password without having to decrypt or whatever that
    > >> would be ideal. Anyway, here is the code I have:
    > >> -------------------------------------------------------
    > ---
    > >> -------------------------
    > >> <%
    > >>
    > >> strFullUserName = request.ServerVariables("AUTH_USER")
    > >> strUserPass = request.ServerVariables("AUTH_PASSWORD")
    > >> strWebServer = request.ServerVariables("SERVER_NAME")
    > >> strWebServerIP = request.ServerVariables("LOCAL_ADDR")
    > >>
    > >> 'Split domain and username
    > >>
    > >> strUserDomain = strFullUserName
    > >> strUserDomain = Mid (strFullUserName, 1, Instr
    > >> (strFullUserName, "\")-1)
    > >> strUserDomainLength = len(strUserDomain)
    > >> strFullUserNameLength = Len(strFullUserName)
    > >> strUserName = Right (strFullUserName,
    > >> strFullUserNameLength - strUserDomainLength -1)
    > >>
    > >> Set objUser = GetObject("WinNT://" & strUserDomain
    > & "/"
    > >> & strUserName, user)
    > >> strUserHome = objUser.homeDirectory
    > >>
    > >> strVD = "ftp://" & strWebServer & "/"
    > >>
    > >>
    > >> On Error Resume Next
    > >>
    > >> Set IISOBJ = GetObject
    > >> ("IIS://Localhost/MSFTPSVC/1/Root")
    > >> Set NewDir = IISOBJ.Create("IIsFtpVirtualDir",
    > >> strUserName)
    > >>
    > >> Error.Number = 0
    > >>
    > >>
    > >> NewDir.Path = strUserHome
    > >> NewDir.AccessRead = True
    > >> NewDir.AccessWrite = True
    > >> NewDir.UNCUserName = strfullUserName
    > >> NewDir.UNCPassword = strUserPass
    > >> NewDir.SetInfo
    > >> Set NewDir=Nothing
    > >> Set IISObJ=Nothing
    > >> Response.Redirect( "ftp://testportal" )
    > >> 'response.write ("Your P Drive Was Mapped
    > >> Successfully!"& "<a href=""ftp://testportal/"">Click
    > >> Here</a><br>")
    > >>
    > >> %>
    > >
    > >
    > >.
    > >

    Aaron Bertrand - MVP Guest

  7. #7

    Default Re: mapping to users home directory

    Unless "yourmachine" is a DC.

    Ray at work

    "Aaron Bertrand - MVP" <aaronTRASHaspfaq.com> wrote in message
    news:et4XFSAlDHA.964TK2MSFTNGP10.phx.gbl...
    > IUSR_yourmachine is NOT in the everyone group for the domain!!!!!!!

    Ray at Guest

  8. #8

    Default Re: mapping to users home directory

    > Unless "yourmachine" is a DC.

    I don't know of too many DCs that are running ASP applications. Certainly
    not where I would be running it, and certainly doesn't sound like a
    foolproof way of "securing" the server...


    Aaron Bertrand - MVP Guest

  9. #9

    Default Re: mapping to users home directory

    I don't know of many either. It's a bad idea, imo. But, I just wanted to
    throw in the exception to the rule.

    Ray at work

    "Aaron Bertrand - MVP" <aaronTRASHaspfaq.com> wrote in message
    news:%23hFBuYAlDHA.3256tk2msftngp13.phx.gbl...
    > > Unless "yourmachine" is a DC.
    >
    > I don't know of too many DCs that are running ASP applications. Certainly
    > not where I would be running it, and certainly doesn't sound like a
    > foolproof way of "securing" the server...
    >
    >

    Ray at Guest

  10. #10

    Default Re: mapping to users home directory

    "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    message news:ubiUuTAlDHA.2776tk2msftngp13.phx.gbl...
    > Unless "yourmachine" is a DC.
    I think even then I don't think it is in the Everyone Group although
    it would be a Domain Account. I wouldn't swear to it, but that is how
    I think it is.

    --

    Phillip Windell [CCNA, MVP, MCP]
    [email]pwindellwandtv.com[/email]
    WAND-TV (ABC Affiliate)
    [url]www.wandtv.com[/url]


    Phillip Windell Guest

  11. #11

    Default Re: mapping to users home directory

    I just looked at the iusr domain account that exists in my domain. (I HAVE
    NOTHING TO DO WITH THE FACT THAT IIS IS INSTALLED ON OUR DCS!)

    ifmember /verbose /list OUR_DOMAIN_NAME\iusr_OUR_DC_NAME
    User is a member of group OUR_DOMAIN_NAME\Domain Admins. <--- NICE!!
    User is a member of group \Everyone.
    User is a member of group BUILTIN\Administrators.
    User is a member of group BUILTIN\Users.

    --SOME OTHERS

    So, it is part of everyone. And thanks to this post, I now see that some
    brilliant coworker put this user in domain admins... I'll have to find out
    what's up with that. Thanks!

    Ray at work



    "Phillip Windell" <pwindell{at}wandtv*d0t*com> wrote in message
    news:%231IQnBBlDHA.2200TK2MSFTNGP12.phx.gbl...
    > "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    > message news:ubiUuTAlDHA.2776tk2msftngp13.phx.gbl...
    > > Unless "yourmachine" is a DC.
    >
    > I think even then I don't think it is in the Everyone Group although
    > it would be a Domain Account. I wouldn't swear to it, but that is how
    > I think it is.
    >
    > --
    >
    > Phillip Windell [CCNA, MVP, MCP]
    > [email]pwindellwandtv.com[/email]
    > WAND-TV (ABC Affiliate)
    > [url]www.wandtv.com[/url]
    >
    >

    Ray at Guest

  12. #12

    Default Re: mapping to users home directory

    I apologize. This is wrong. This is my group listing. Oops. But, here is
    the correct response. The user IS a member of everyone.


    showgrps /a OUR_DOMAIN_NAME\iusr_OUR_DC_NAME

    User: [OUR_DOMAIN_NAME\iusr_OUR_DC_NAME], is a member of:

    \Everyone




    Ray at work



    "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in message
    news:uWJUENBlDHA.976tk2msftngp13.phx.gbl...
    > I just looked at the iusr domain account that exists in my domain. (I
    HAVE
    > NOTHING TO DO WITH THE FACT THAT IIS IS INSTALLED ON OUR DCS!)
    >
    > ifmember /verbose /list OUR_DOMAIN_NAME\iusr_OUR_DC_NAME
    > User is a member of group OUR_DOMAIN_NAME\Domain Admins. <--- NICE!!
    > User is a member of group \Everyone.
    > User is a member of group BUILTIN\Administrators.
    > User is a member of group BUILTIN\Users.
    >
    > --SOME OTHERS
    >
    > So, it is part of everyone. And thanks to this post, I now see that some
    > brilliant coworker put this user in domain admins... I'll have to find
    out
    > what's up with that. Thanks!
    >
    > Ray at work
    >
    >
    >
    > "Phillip Windell" <pwindell{at}wandtv*d0t*com> wrote in message
    > news:%231IQnBBlDHA.2200TK2MSFTNGP12.phx.gbl...
    > > "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    > > message news:ubiUuTAlDHA.2776tk2msftngp13.phx.gbl...
    > > > Unless "yourmachine" is a DC.
    > >
    > > I think even then I don't think it is in the Everyone Group although
    > > it would be a Domain Account. I wouldn't swear to it, but that is how
    > > I think it is.
    > >
    > > --
    > >
    > > Phillip Windell [CCNA, MVP, MCP]
    > > [email]pwindellwandtv.com[/email]
    > > WAND-TV (ABC Affiliate)
    > > [url]www.wandtv.com[/url]
    > >
    > >
    >
    >

    Ray at Guest

  13. #13

    Default Re: mapping to users home directory

    OK..


    "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    message news:ua5YkPBlDHA.1740TK2MSFTNGP12.phx.gbl...
    > I apologize. This is wrong. This is my group listing. Oops. But,
    here is
    > the correct response. The user IS a member of everyone.
    >
    >
    > showgrps /a OUR_DOMAIN_NAME\iusr_OUR_DC_NAME
    >
    > User: [OUR_DOMAIN_NAME\iusr_OUR_DC_NAME], is a member of:
    >
    > \Everyone
    >
    >
    >
    >
    > Ray at work
    >
    >
    >
    > "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    message
    > news:uWJUENBlDHA.976tk2msftngp13.phx.gbl...
    > > I just looked at the iusr domain account that exists in my domain.
    (I
    > HAVE
    > > NOTHING TO DO WITH THE FACT THAT IIS IS INSTALLED ON OUR DCS!)
    > >
    > > ifmember /verbose /list OUR_DOMAIN_NAME\iusr_OUR_DC_NAME
    > > User is a member of group OUR_DOMAIN_NAME\Domain Admins. <---
    NICE!!
    > > User is a member of group \Everyone.
    > > User is a member of group BUILTIN\Administrators.
    > > User is a member of group BUILTIN\Users.
    > >
    > > --SOME OTHERS
    > >
    > > So, it is part of everyone. And thanks to this post, I now see
    that some
    > > brilliant coworker put this user in domain admins... I'll have
    to find
    > out
    > > what's up with that. Thanks!
    > >
    > > Ray at work
    > >
    > >
    > >
    > > "Phillip Windell" <pwindell{at}wandtv*d0t*com> wrote in message
    > > news:%231IQnBBlDHA.2200TK2MSFTNGP12.phx.gbl...
    > > > "Ray at <%=sLocation%>" <myfirstname at lane34 dot com> wrote in
    > > > message news:ubiUuTAlDHA.2776tk2msftngp13.phx.gbl...
    > > > > Unless "yourmachine" is a DC.
    > > >
    > > > I think even then I don't think it is in the Everyone Group
    although
    > > > it would be a Domain Account. I wouldn't swear to it, but that
    is how
    > > > I think it is.
    > > >
    > > > --
    > > >
    > > > Phillip Windell [CCNA, MVP, MCP]
    > > > [email]pwindellwandtv.com[/email]
    > > > WAND-TV (ABC Affiliate)
    > > > [url]www.wandtv.com[/url]
    > > >
    > > >
    > >
    > >
    >
    >

    Phillip Windell Guest

  14. #14

    Default Re: mapping to users home directory

    > I apologize. This is wrong.

    I was going to say, if he were a member of domain admins, then the whole
    setup is sketchy, because someone must have purposely done that.


    Aaron Bertrand - MVP Guest

  15. #15

    Default Re: mapping to users home directory

    It would not surprise me where I work. I see random users in the domain
    admins group all the time. "Oh, so and so needed permissions to install a
    program, so I put him in the domain admins group so he'd have admin rights
    on the local workstation." "Why didn't you at least just add him only to
    the local admin group on his machine." "How do I do that?" Nice.

    Ray at work

    "Aaron Bertrand - MVP" <aaronTRASHaspfaq.com> wrote in message
    news:epsiWbBlDHA.372TK2MSFTNGP11.phx.gbl...
    > > I apologize. This is wrong.
    >
    > I was going to say, if he were a member of domain admins, then the whole
    > setup is sketchy, because someone must have purposely done that.
    >
    >

    Ray at Guest

  16. #16

    Default Re: mapping to users home directory

    > on the local workstation." "Why didn't you at least just add him only to
    > the local admin group on his machine." "How do I do that?" Nice.
    And we wonder why half of the jobs in the IT industry are being outsourced
    to India.


    Aaron Bertrand [MVP] Guest

Similar Threads

  1. Replies: 1
    Last Post: April 6th, 05:53 PM
  2. Replies: 0
    Last Post: January 24th, 11:31 PM
  3. Replies: 2
    Last Post: July 2nd, 01:48 PM
  4. WU-FTP Q?: How to refuse users with an invalid home dir
    By dompie in forum Linux / Unix Administration
    Replies: 0
    Last Post: April 23rd, 06:40 AM
  5. Two OSs, one home directory?
    By Doug Laidlaw in forum Linux Setup, Configuration & Administration
    Replies: 7
    Last Post: July 27th, 11:59 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139