Dear Jerry
This can all be done in server manager I believe, without needing any command prompt intervention, using the Users, Groups and ibays panels.
By making your users members of groups you can control this.
Each ibay should be owned by a specific group, rather than Everyone or Administrator. Read/Write access should be set to that Group. Multiple ibays can be owned by the same Group.
Make ALL your user(s) a member of a group for which they need local ibay access. Users can be members of multiple Groups where you may wish to allow some local users access to local ibays and some local users not.
If you have a number of ibays that ALL local users need to access, these ibays can be owned by the same group, therefore the members of that group can access all those ibays.
The ftp site ibays would need to be owned by a different group than any of the main local users group(s) in order to prevent the local users from accessing the ftp ibays via the local network (Windows browsing etc) They will see the ibay but will NOT be able to access it. Make sure your local Users are NOT a member of the Group owning the ibay for which you are allowing external access only.
The external Internet access is controlled by password on the ibay (eg all internet password required) (which is a separate thing to the group access rights).
If you give external users the ibay password they can ftp or www to the site. Of course you DO NOT give the ibay password to your local users so they will not be able to get www or ftp access even via the local intranet.
I know it's not using the command prompt, but it works
Hope this helps
Ray Mitchell
4 Replies
1174 Views