Computer

Implementing a File Server Using the University Network

Implementing a File Server Using the University Network

Introduction

This chapter begins with a basic introduction to Ipswitch WS_FTP Server, a brief description of File Transfer Protocol (FTP) and how an FTP server works (for newcomers), and a description of theproduct’s main features.In addition, you’ll find an introduction to the FTP server’s interface (the WS_FTP Server Manager), system requirements, and the installation procedure.

What is Ipswich WS_FTP  Server?

Ipswich WS_FTP Server is a full-featured FTP server for Windows NT, Windows 2000 or later, and Windows XP systems . WS_FTP Server lets you create an FTP site that makes files and folders on your PC available to other users and customers. Users

can connect (via the Internet) to your site, list folders and files, and(depending on permissions) download and upload folders and files. You can control user access to the site itself and to its individual folders and files. You can create multiple FTP sites on

the WS_FTP Server — each will function as a completely separate site.WS_FTP Server complies with the current Internet standards for the FTP protocol (documented in RFC 959 and 1123). Users can connect to the server and transfer files by using an FTP client that complies with this protocol, such as Ipswitch WS_FTP Home or

Pro. The FTP server runs as a Windows NT service.

In this Chapter

CHAPTER 1

How FTP Works

FTP is based on the client–server model of communication between computers: one

computer runs a server program “serving up” information to other computers. The other computers, or systems, run client programs that request information and receive replies from the server. The system running the server program is an FTP server.To access an FTP server, users must be able to connect to the Internet, Intranet, or local area network (via a modem or local area network) with an FTP client program. An FTP client-server session establishes two connections: a control connection that stays open for the entire session and a data connection that opens and closes to transfer data such as folder listings and files to or from the server as requested by the client. Normally, the control connection occurs on port 21 on the FTP server. The FTP server runs continuously in the background and listens to port 21 for a connection request from an FTP client. When an FTP client requests a connection, the FTP server verifies the logon user ID and password and, if valid, it listens to this channel (control channel) for the next command. After a user logs on, their access to the FTP host’s file system is determined by permissions assigned to directories and folders.

How WS_FTP Server Works

WS_FTP Server is installed as a Windows service that runs continuously. WS_FTP Server lets you set up one or more FTP hosts, each with its own users, directories, and folders. Each FTP host functions as a separate FTP site. To set up an FTP host, you use the following components:

User accounts — WS_FTP Server can use existing user accounts from a Windows NT,I Mail Server (Ipswitch’s mail server product), or other ODBC external user database.You can also use the WS_FTP Server Manager to create accounts in an ODBC database,or its own user database. To log on from an FTP client, users enter their user ID and password, specified in their user account.

Anonymous logon — if enabled, a user can log on to your FTP site without having their own user account. You can use “anonymous FTP” to make folders and files on your PC publicly available, without having to create and maintain individual user accounts. Tolog on from an FTP client, users enter anonymous or ftp as their user ID. For the password, they should enter their e-mail address or no password.

Default public folders — All users on an FTP host have a folder (with the same name astheir User ID) under the FTP host’s top directory. Users can transfer files to and fromtheir own folders. If a folder named public is created in a user’s folder, all other users(including anonymous users) can view and download files in this public folder.

Home folder — for each FTP host, you can set whether you want users to start in their own folder, or start in the top directory when they log on.

FTP folders and permissions — If you want to grant FTP permissions for a folder on your computer, you can create an FTP folder and have it reference (point to) an existing folder. You can then grant permissions for any of the FTP users, including anonymous users.

User groups — You can create a user group and add users to it so you can grant appropriate permissions on a group basis.

 Major Features

(Version 5.0) New Ipswitch Notification Server to handle sending notifications of FTP Events.

(Version 5.0) Supports SMS, e-mail, pager, and program notifications.

(Version 5.0) Lets administrators set user’s home folders, which allows home folders to be shared. Allows the use of virtual folders as user home folders.

(Version 5.0) Lets a virtual folder reference a networked directory (UNC paths), provided the user has appropriate permissions to access the networked directory.

(Version 5.0) Rules can check login attempts, quota actions, and the ability to attach

 WS_FTP Home and Pro Client

If you need an FTP client, we recommend Ipswitch WS_FTP Home or Pro. Both the

WS_FTP clients let you communicate with virtually all types of FTP servers. If you use WS_FTP Pro with WS_FTP Server, you will get premium performance and advanced functionality, such as:

Encryption of user IDs and passwords sent over the network.

Ability to resume a failed transfer.

Ability to transfer from one remote FTP server to another (remote-to-remote transfer).

Ability to make secure (SSL) connections to the server. For more information about WS_FTP Home or Pro, visit our web site at: http:// www.ipswitch.com

 WS_FTP Server Security

WS_FTP Server provides the following security features:

Complete SSL capabilities with multiple levels of security that can be configured at the server level.

Logon connections send the user ID and password in an encrypted form, rather than

sending them across the network as text.

Users on an FTP client get an administrator-defined number of chances to send the correct user ID and password, after which the connection fails.

User IDs and passwords are stored in the Windows NT registry when using WS_FTP Server database.

Ability to control access to an FTP host by setting an IP address or range of addresses for which the FTP host either grants or denies access.

Ability to set permissions on all folders.

Ability to deny anonymous logins.

Ability to lock users to their home folder.

The WS_FTP Server Manager

The WS_FTP Server Manager lets you manage your FTP server configuration, and any FTP sites you create.The WS_FTP Server Manager presents a two panel window. In the left panel, click the plus sign (+) next to an item to display sub-items. When you click an item, its properties appear in the right panel.

You can have multiple FTP hosts (each functioning as a separate FTP server) on the

WS_FTP Server. In the left panel, under Local System, there is an entry for each FTP host that you create. Under each FTP host, there are user accounts, groups of users, and folders (FTP directories) for that host. You can manage all FTP server functions from the WS_FTP Server Manager.

Remote Management

Before you can remotely manage WS_FTP Server, you need to install WS_FTP ServerManager on the computer that will be used to do the remote management To install the WS_FTP Server Manager, run the install program (from CD-Rom, or from your e-commerce download) on the remote PC and select the WS_FTP Server Manageroption.

Background and History of LAN Bangladesh  University

Since September 2003, BangladeshUniversity has launched its 1st Generation of LAN  to support our staff and students’ need for enhancement in teaching, researching & learning. Staff and students are required to register the MAC address of their computer device before using the Wireless LAN. Because of the resource constraint, the access points for the LAN are limited to main campus areas only which implies the mobility for the LAN usage are also limited. As the LAN expands, Information Technology Services Centre (ITSC) installed and extended the LAN coverage to the Hostel building in Oct 2006.However, the 1st Generation LAN registration is never easy for the staff and students to get use of the wireless network as it is a time consuming process. To shorten the user authentication and further improve the convenience of the LAN usage, ITSC introduced the 2nd Generation of LAN which uses captive portal method for the user authentication and LAN establishment in March 2007. The use of the captive portal provided a user friendly system and eliminated the need of the MAC registration and users are required no extra settings on their client computers.

As technology grows, bandwidth and security has greatly leveraged and continued to emerge. The mission of ITSC strives to provide state-of-the-art Information Technology (IT) support and beneficiaries for BangladeshUniversity and therefore foresee the needs of the campus wide wireless communication development. As a result, the department has submitted a proposal to extend and re-construct its wireless infrastructure through UGC’s Alterations, Additions, Repairs and Improvements (AA&I) grant application. Details of the development are as follow.

To promote the studies and research works at university as well as to interface with the Government LAN program to provide free LAN Internet access services to all citizens by installing LAN facilities at designated government premises, Bangladesh University proposed an AA&I project -¡§Installation of LAN Infrastructure for Bangladesh University which aims to provide full coverage of LAN network on the campus in year 2007-08. By setting up the campus wide LAN  network, it is anticipated that the students and faculties can easily extend their studies and social activities in anywhere and at anytime.

The campus wide LAN provides a cost effective solution to enhance the network coverage yet unreachable by wired networks. For example, it is difficult to get wired infrastructure out to remote areas of the university such as the Student Activities  Centre (SAC) or Wing On Plaza, where a lot of sporting events held from time to time. The setup of wireless network in those locations will improve the communication channels in a cost effective way.

It cannot be denied that the mobility is the important reason for the university to initiate the campus wide LAN project. Before the project implementation, students are crowded in the Library and computer laboratories whenever they want Internet access. The high speed communication LAN network revamps their school life and provides a pleasant learning workspace for them. It allows teaching, learning, and research activities, as well as distance learning and remote discussion being conducted at canteen, late study room, the Library, green spaces and common areas at all time. It also provides a straightforward network registration and authentication with enough capacity to ensure secure, fast and extensive coverage.

The goal posts with providing coverage are always moving as new applications and devices launch with LAN Phase one is to offer full building and campus coverage (for details, please refer to the LAN including the indoor Sports Complex, lecture theatres, the Auditorium, canteen and the outdoor soccer pitch (SAC). It is targeted to cover 80% of the campus area by 4th Aug 2008 for the network access and supported different mobile devices such as laptops (for details, please refer to  LAN .

For phase two LAN development, it is targeted to cover most of the campus and upgrade the system to support mobile IP phone technology by the end of August 2008.

Hardware Requirements for Windows Server 2003

RequirementStandard EditionEnterprise EditionDatacenter EditionWeb Edition
Minimum CPU Speed133 MHz133 MHz for x86-based computers733 MHz for Itanium-based computers*400 MHz for x86-based computers733 MHz for Itanium-based computers133 MHz
Recommended CPU Speed550 MHz733 MHz733 MHz550 MHz
Minimum RAM128 MB128 MB512 MB128 MB
Recommended Minimum RAM256 MB256 MB1 GB256 MB
Maximum RAM4 GB32 GB for x86-based computers512 GB for Itanium-based computers*64 GB for x86-based computers512 GB for Itanium-based computers*2 GB
Multiprocessor Support **Up to 4Up to 8Minimum 8 requiredMaximum 64Up to 2
Disk Space for Setup1.5 GB1.5 GB for x86-based computers

2.0 GB for Itanium-based computers

1.5 GB for x86-based computers

2.0 GB for Itanium-based compute

 

 Install Windows Server 2003

Step #1: Plan your installation

When you run the Windows Server 2003 Setup program, you must provide information about how to install and configure the operating system. Thorough planning can make your installation of Windows Server 2003 more efficient by helping you to avoid potential problems during installation. An understanding of the configuration options will also help to ensure that you have properly configured your system.

I won’t go into that part right now (I might later this month, no promises…) but here are some of the most important things you should take into consideration when planning for your Windows Server 2003 installation:

  • Check System Requirements
  • Check Hardware and Software Compatibility
  • Determine Disk Partitioning Options
  • Choose the Appropriate File System: FAT, FAT32, NTFS
  • Decide on a Workgroup or Domain Installation
  • Complete a Pre-Installation Checklist

After you made sure you can go on, start the installation process.

 Step #2: Beginning the installation process

You can install Windows Server 2003 in several methods – all are valid and good, it all depends upon your needs and your limitations.

For example, you can install directly from a CD by booting your computer with the CD, or you can also copy the I386 folder from a CD and run the setup process by going into the I386 folder and using the WINNT or WINNT32 command (depending upon your existing operating system).It doesn’t matter how you run the setup process, but the moment it runs – all setup methods look alike.

Step #3: The text-based portion of the Setup program

The setup process begins loading a blue-looking text screen (not GUI). In that phase you will be asked to accept the EULA and choose a partition on which to install 2003, and if that partition is new, you’ll be asked to format it by using either FAT, FAT32 or NTFS.

Start the computer from the CD

  • Start the computer from the CD.
  •  You can press F6 if you need to install additional SCSI adapters or other mass-storage devices. If you do you will be asked to supply a floppy disk with the drivers and you CANNOT browse it (or a CD for that matter). Make sure you have one handy.

Start the computer from the CD 2

  •  If you want, you can press F2 to run the ASR sequence. For that you need a good backup created by the Windows Server 2003 backup program, and the ASR floppy disk. If you plan to install a new copy of 2003 – don’t do anything.

3

  • Setup will load all the needed files and drivers.

4

  •  Select To Setup Windows Server 2003 Now. If you want, and if you have a previous installation of the OS, you can try to fix it by pressing R. If not, just press ENTER.

5

  •  Read and accept the licensing agreement and press F8 if you accept it.

6

 Select or create the partition on which you will install Windows Server 2003. Depending upon your existing disk configuration choose one of the following:

  • If the hard disk is unpartitioned, you can create and size the partition on which you will install Windows Server 2003.

78

  • If the hard disk is already partitioned, but has enough unpartitioned disk space, you can create an additional partition in the unpartitioned space.
  • If the hard disk already has a partition that is large enough, you can install Windows Server 2003 on that partition. If the partition has an existing operating system, you will overwrite that operating system if you accept the default installation path. However, files other than the operating system files, such as program files and data files, will not be overwritten.
  • If the hard disk has an existing partition, you can delete it to create more unpartitioned space for the new partition. Deleting an existing partition erases all data on that partition.

If you select a new partition during Setup, create and size only the partition on which you will install Windows Server 2003. After installation, use Disk Management to partition the remaining space on the hard disk.

  1. Select a file system for the installation partition. After you create the partition on which you will install Windows Server 2003, you can use Setup to select the file system with which to format the partition. Windows Server 2003 supports the NTFS file system in addition to the file allocation table (FAT) and FAT32 file systems. Windows Server 2003, Windows XP Professional, Windows 2000, and Windows NT are the only Microsoft operating systems that you can use to gain access to data on a local hard disk that is formatted with NTFS. If you plan to gain access to files that are on a local Windows Server 2003 partition with the Microsoft Windows 95 or Windows 98 operating systems, you should format the partition with a FAT or FAT32 file system. We will use NTFS.

9

  1. Setup will then begin copying necessary files from the installation point (CD, local I386 or network share).
  2. Note: If you began the installation process from an MS-DOS floppy, make sure you have and run SMARTDRV from the floppy, otherwise the copying process will probably last more than an hour, perhaps even more. With SMARTDRV (or if setup was run by booting from CD) the copying will probably last a few minutes, no more than 5 max.

10

  1. The computer will restart in graphical mode, and the installation will continue.

11

Step #4: The GUI-based portion of the Setup program

The setup process reboots and loads a GUI mode phase.

12

It will then begin to load device drivers based upon what it finds on your computer. You don’t need to do anything at this stage

13

  1. Click Customize to change regional settings, if necessary.
  • Current System Locale – Affects how programs display dates, times, currency, and numbers. Choose the locale that matches your location, for example, French (Canada).
  • Current Keyboard Layout – Accommodates the special characters and symbols used in different languages. Your keyboard layout determines which characters appear when you press keys on the keyboard.

If you don’t need to make any changes just press Next.

14

Setup finishes and boots Windows Server 2003.

That’s it! you’re done!

15

Chapter 4 Creating and Configuring FTP Server

Creating and Configuring FTP Server

In this article we’ll walk you through the steps of creating FTP sites in Windows Server 2003 using both Internet Services Manager and scripts. The tutorial will also will explain how to perform common administration tasks involving FTP sites and also how to implement FTP User Isolation, a new feature of Windows Server 2003 enables users to have their own separate FTP home directories.

In a previous article we saw that Internet Information Services 6 (IIS 6) is a powerful platform for building and hosting web sites for both the Internet and corporate intranets. IIS 6 is also equally useful for setting up FTP sites for either public or corporate use, and in this article we”ll walk through the process of creating and configuring FTP sites using both the GUI (IIS Manager) and scripts included in Windows Server 2003. The specific tasks we”ll walk through in this article are:

  • Creating an FTP Site
  • Controlling Access to an FTP Site
  • Configuring FTP Site Logging
  • Stopping and Starting FTP Sites
  • Implementing FTP User Isolation

For sake of interest, we”ll again explain these tasks in the context of a fictitious company called TestCorp as it deploys FTP sites for both its corporate intranet and for anonymous users on the Internet.

Preliminary Steps

As mentioned in the previous article, IIS is not installed by default during a standard installation of Windows Server 2003, and if you installed IIS using Manage Your Server as described in the previous article this installs the WWW service but not the FTP service. So before we can create FTP sites we first have to install the FTP service on our IIS machine. To do this, we need to add an additional component to the Application Server role we assigned our machine when we used Manage Your Server to install IIS.

Begin by opening Add or Remove Programs in Control Panel and selecting Add/Remove Windows Components. Then select the checkbox for Application Server:

1

Click Details and select the checkbox for Internet Information Services (IIS):

2

Click Details and select the checkbox for File Transfer Protocol (FTP) Services.

3

Click OK twice and then Next to install the FTP service. During installation you”ll need to insert your Windows Server 2003 product CD or browse to a network distribution point where the Windows Server 2003 setup files are located. Click Finish when the wizard is done.

Creating an FTP Site

As with web sites, the simplest approach to identifying each FTP site on your machine is to assign each of them a separate IP address, so let”s say that our server has three IP addresses (172.16.11.210, 172.16.11.211 and 172.16.11.212) assigned to it. Our first task will be to create a new FTP site for the Human Resources department, but before we do that let”s first examine the Default FTP Site that was created when we installed the FTP service on our machine. Open IIS Manager in Administrative Tools, select FTP Sites in the console tree, and right-click on Default FTP Site and select Properties:

4

ust like the Default Web Site, the IP address for the Default FTP Site is set to All Unassigned. This means any IP address not specifically assigned to another FTP site on the machine opens the Default FTP Site instead, so right now opening either ftp://172.16.11.210, ftp://172.16.11.211 or ftp://172.16.11.212 in Internet Explorer will display the contents of the Default FTP Site.

Let”s assign the IP address 172.16.11.210 for the Human Resources FTP site and make D:\HR the folder where its content is located. To create the new FTP site, right-click on the FTP Sites node and select New –> FTP Site. This starts the FTP Site Creation Wizard. Click Next and type a description for the site:

5

Click Next and specify 172.16.11.210 as the IP address for the new site:

6

Click Next and select Do not isolate users, since this will be a site that anyone (including guest users) will be free to access:

7

Click Next and specify C:\HR as the location of the root directory for the site:

8

Click Next and leave the access permissions set at Read only as this site will only be used for downloading forms for present and prospective employees:

9

Click Next and then Finish to complete the wizard. The new Human Resources FTP site can now be seen in IIS Manager under the FTP Sites node:

10

To view the contents of this site, go to a Windows XP desktop on the same network and open the URL ftp://172.16.11.210 using Internet Explorer:

11

Note in the status bar at the bottom of the IE window that you are connected as an anonymous user. To view all users currently connected to the Human Resources FTP site, right-click on the site in Internet Service Manager and select Properties, then on the FTP Site tab click the Current Sessions button to open the FTP User Sessions dialog:

12

Note that anonymous users using IE are displayed as IEUser@ under Connected Users.Now let”s create another FTP site using a script instead of the GUI. We”ll create a site called Help and Support with root directory C:\Support and IP address 172.16.11.211

13

Here’s the result of running the script:

14

Controlling Access to an FTP Site

Just like for web sites, there are four ways you can control access to FTP sites on IIS: NTFS Permissions, IIS permissions, IP address restrictions, and authentication method. NTFS permissions are always your first line of defense but we can’t cover them in detail here. IIS permissions are specified on the Home Directory tab of your FTP site’s properties sheet:

15

Note that access permissions for FTP sites are much simpler (Read and Write only) than they are for web sites, and by default only Read permission is enabled, which allows users to download files from your FTP site. If you allow Write access, users will be able to upload files to the site as well. And of course access permissions and NTFS permissions combine the same way they do for web sites.

Like web sites, IP address restrictions can be used to allow or deny access to your site by clients that have a specific IP address, an IP address in a range of addresses, or a specific DNS name. These restrictions are configured on the Directory Security tab just as they are for web sites, and this was covered in the previous article so we won’t discuss them further here.

FTP sites also have fewer authentication options than web sites, as can be seen by selecting the Security Accounts tab:

16

By default Allow anonymous connections is selected, and this is fine for public FTP sites on the Internet but for private FTP sites on a corporate intranet you may want to clear this checkbox to prevent anonymous access to your site. Clearing this box has the result that your FTP site uses Basic Authentication instead, and users who try to access the site are presented with an authentication dialog box:

17

Note that Basic Authentication passes user credentials over the network in clear text so this means FTP sites are inherently insecure (they don’t support Windows integrated authentication). So if you’re going to deploy a private FTP site on your internal network make sure you close ports 20 and 21 on your firewall to block incoming FTP traffic from external users on the Internet.

Configuring FTP Site Logging

As with web sites, the default logging format for FTP sites is the W3C Extended Log File Format, and FTP site logs are stored in folders named

%SystemRoot%\system32\LogFiles\MSFTPSVCnnnnnnnnnn

where nnnnnnnnnn is the ID number of the FTP site. And just as with web sites, you can use the Microsoft Log Parser, part of the IIS 6.0 Resource Kit Tools, to analyze these FTP site logs.

Stopping and Starting FTP Sites

If an FTP site becomes unavailable you may need to restart it to get it working again, which you can do using IIS Manager by right-clicking on the FTP site and selecting Stop and then Start. From the command-line you can type net stop msftpsvc followed by net start msftpsvc or use iisreset to restart all IIS services. Remember that restarting an FTP site is a last resort as any users currently connected to the site will be disconnected.

Implementing FTP User Isolation

Finally, let’s conclude by looking at how to implement the new FTP User Isolation feature of IIS in Windows Server 2003. When an FTP site uses this feature, each user accessing the site has an FTP home directory that is a subdirectory under the root directory for the FTP site, and from the perspective of the user their FTP home directory appears to be the top-level folder of the site. This means users are prevented from viewing the files in other users’ FTP home directories, which has the advantage of providing security for each user’s files.

Let’s create a new FTP site called Staff that makes use of this new feature, using C:\Staff Folders as the root directory for the site and 172.16.11.212 for the site’s IP address. Start the FTP Site Creation Wizard as we did previously and step through it until you reach the FTP User Isolation page and select the Isolate users option on this page:

18

Managing FTP User Accounts

This chapter describes how to set up and manage FTP user accounts and how to set permissions for users and user groups.

How User Accounts Work

You can have an unlimited number of users for each FTP host.When you add an FTP host to the server, you select the user database for the host: Windows NT, IMail Server, WS_FTP Server, or external ODBC user database. If you selected the Windows NT, IMail Server, or external (ODBC) user databases, you may already have a list of users for the FTP host. (In the Server Manager, in the left pane, select the Users item to view the list of users.) If you selected Windows NT or IMail Server, you cannot use the Server Manager to add or delete users, but you can set additional

user options in the user properties. If you selected the WS_FTP Server, or external user database, you can add users by using the New User wizard. See “Adding an FTP

User Account” on

 Setting User Logon Options

For each FTP host, you can set whether you want users to start in their own folder, or start in the top directory when they log on. To set the logon option:

1 In the left pane, select the FTP host. The host properties appear in the right pane.

2 Click User Options. The User Settings dialog appears. How User Accounts Work

Setting User Logon Options Adding an FTP Account How Permissions Work Setting User Options Deleting a User Renaming a User Adding Users with the Command Line Utility How Users Can Change Their Passwords Creating User Groups Deleting a User Group

3 Select from the following options:

Maximum Concurrent and Anonymous Users. Enter the maximum number of users (including anonymous users) that can connect to the FTP host at the same time. The default is 1000 users.

Maximum Anonymous Users. Enter the maximum number of anonymous users that

can connect to the FTP host at the same time. The default is 200 users. Entering zero for either option disables new connections – this provides a way to temporarily stop logons to the FTP host, so you can update files.

User folder under root. When a user account is created, the folder for that account is created under the top directory of the FTP host.

Do not list user folders. When this option is selected, users will not be able to see otheruser folders. Only their own user folder, non-user folders, and files will be listed.

Do not auto create user home folders. If you do not want each user to automatically have their own folder, select this option. If either maximum limit is exceeded, a System Administrator or Host Administrator can still log on using the Server Manager. Also, a System Administrator can always log on using an FTP client.

Log on users to:

• Log on users to home folders. When a user logs on, they are placed in their own

folder (which has the same name as their user ID).

• Log on users to root. When a user logs on, they are placed in the top directory of

the FTP host.

Default User Settings Disable Public Access Directory. If the user has a folder named public in their folder,all users (including anonymous users) have List and Read permissions to the folder.This allows the user to maintain their own public directory for transferring files. Whenany other user logs on to the FTP host, this public folder appears in the users folder (inthe host’s top directory) and has the same name as the User ID. If you do not want other users to have permissions to this user’s public directory, select this option.

Disable Password Change. If you do not want this user to be able to change their password from an FTP client, select this option.

Lock User to Home Directory. If this option is selected, user will not be able to browse directories that do not appear in their home directory. 4 Click OK to save the changes.

Note: If the Do not auto create user home folders option is being used, users will be connected to the root directory even if the Logon users to home folders option is set. Administrators must manually create a home folder for the user before they will be able to log on to it. If the users are forced to logon to the root directory because they have no home folder, AND users are locked into home folders, the user will not be able to see or do anything once logged on.

Note: These settings will not be applied to existing users. They only apply to those users added after the settings were adjusted.

CHAPTER 4

Adding an FTP User Account

Once you have configured a host, you can add users for that host. To add a new user to an FTP host:

1 In the left pane, expand the FTP host. Select Users. The users list appears in the right pane.

2 Click the Add button. The first screen of the New User wizard appears.

3 Enter a User ID for the user and click Next to continue. The User ID can be from 2to 30 characters and must be from the character sets: A-Z, a-z, 0-9.

4 Enter the user’s full name and click Next to continue. The full name can be from 0 to 80 characters.

5 Enter a password and click Next to continue. The password can be from 2 to 30 characters. 35

6 Click Finish to create the new user. The user account appears in the list of users for the FTP host. To set additional properties for the user account, in the right pane, select the user and click Edit. See “Setting User Options” on page 36.

How Permissions Work

By default, users have the following permissions:

User accounts — Each user has their own folder (with the same name as the User ID) where they can upload and download files and folders. They have full permissions to

their folder. If you select Do not auto create user home folders in the User Properties, the user will have no folder of their own.

Anonymous users — If you selected to allow anonymous access (in the FTP host’s properties), any user can log on to the FTP host with a username of anonymous or ftp and a password that specifies their e-mail address (or no password). When a user logs on anonymously, they are placed in the top directory of the FTP host. Anonymous users can access any folders for which you have granted permissions to the special user group named anonymous.

Public folders — If a user wants to make their folders or files available to other users, they can create a folder named public in their folder. When another user (or anonymous user) logs on to the FTP host, in the folder named users, they will see a folder for any user that has a public folder. For example, if the users fred and homer have public folders, another user will see a listing like the following:

/fred /homer You can disable access to a public folder by selecting Disable Public Access in the user’s properties.

CHAPTER 4

Setting User Options

The following sections describe the options you can set for an individual user.

User Directories and User Password

In the user properties, the User directory box shows the full path name to the user’s folder. This folder has the same name as the User ID and is created under the users folder of the FTP host. The user can transfer files to and from this directory. When the user logs on, they are placed in this folder. By default, this is the only folder for which the user has full permissions. You can grant the user permissions for other folders by using the virtual folders feature. The Password box shows the user’s password in an encrypted form. You edit this box to change the password. The password can be from 2 to 30 characters.

Setting Logon, Public Directory, and Change Password Options

You can use the following options to set whether the user can access the FTP host, whether other users can access this user’s public directory, and whether the user can change password from an FTP client.1 In the left pane, expand the FTP host. Select Users. The users list appears in the right pane.

2 Select the user and click Edit. The User Options dialog appears.

3 If you do not want this user to be able to log on to the FTP host, select Disable

Login.You can use this option to disable a Windows NT or IMail Server user’s account without having to delete the user account from the Windows NT or IMail Server user databases. (The WS_FTP Server Manager cannot delete user accounts from either of these user databases.)

4 If you do not want other users to have permissions to this user’s public directory, select Disable Public Access Directory.If the user has a folder named public in their folder, all users (including anonymous users) have List and Read permissions to the folder. This allows the user to maintain

their own public directory for transferring files. When any other user logs on to the FTP host, this public folder appears in the users folder (in the host’s top directory) and has the same name as the User ID.

5 If you do not want this user to be able to change their password from an FTP client,

select Disable Password Change.

6 Click Apply to save changes.

 Setting File, Disk Space, and Bandwidth Quotas

You can set user global quotas for files, disk space, and bandwidth (the quotas apply to each user on the FTP host) or per individual user or user group. A user quota setting overrides a global (or host) quota setting as long as the user quota setting is not zero. To set a global value for the FTP host, or for a user group:

1 In the left pane, expand the FTP host, then select the appropriate quota type: Quota

Limits (for file quota or disk space quota) or Bandwidth Allocation.

To set global Quota Limits:

In the Max file count box, enter the maximum number of files a user can keep on

the FTP host. This is the total number of files for each of the user’s folders.

In the Max disk space box, enter the maximum number of bytes a user can consume

on the FTP host’s drives.

To set Quota Limits for a group:

Select the user group and click Edit. Make the entries in the Quota Group Management dialog.

To set global Bandwidth:

In the Max bandwidth box, enter the maximum bandwidth to allocate to the user.

The maximum allowable bandwidth is 1,024,000 Kb per second.

To set Bandwidth Allocation for a group:

Select the user group and click Edit. Make the entry in the Bandwidth Group Management dialog.

2 Click Apply to save the settings.

To set the maximum number of files, maximum amount of disk space, or maximum

badnwidth on a per user basis:

1 In the left pane, expand the FTP host. Select Users. The users list appears in the right pane.

2 Select the user and click Edit. The User Options dialog appears.

3 In each user’s properties, set the quotas for the user.

Note: This setting overrides a global quota setting.

Setting Administrator Permissions

You can grant Host Administrator and/or System Administrator permissions to a user. These permissions determine what the user sees when they log on to the FTP host from an FTP client or when they log on to the FTP server from the Server Manager (for remote management) For information on remote management capabilities, see “Setting Up FTP Hosts” on page 15.

To set administrator permissions:

1 In the left pane, expand the FTP host. Select Users. The users list appears in the right pane.

2 Select the user and click Edit. The User Options dialog appears.

3 Select Host Administrator to grant this user Host Administrator permissions. A Host Administrator has full permissions for all user folders on the FTP host, and has any permissions granted via virtual folders. In addition, the Host Administrator has remote management capabilities for the FTP host and all of its users, folders, and groups.

4 Select System Administrator to grant this user System Administrator permissions. A System Administrator has full permissions for their own folder, and has any permissions granted via virtual folders (just like a regular user). If you want the System Administrator to have access to all user folders, you need to also select Host Administrator. The System Administrator has remote management capabilities for all FTP hosts on the WS_FTP Server.

5 Click OK to save changes. In the left panel, the user icon indicates the type of access the user has to the FTP Host’s file system:

Normal user — has full permissions to their own folder and any other permissions

assigned by the Host Administrator. User icon has black hair.

Host Administrator — User icon has gray hair.

System Administrator — User icon has white hair.

Disabled User – User icon has red hair.

 Deleting a User

To delete a user from an FTP host:

1 In the left pane, expand the FTP host. Select Users. The users list appears in theright pane.

2 Select the user and click Remove. A dialog box appears and asks if you would like to delete all files and folders in the user’s folder.

3 Click No if you want to save files and folders to move to another directory (the user is deleted but the directory structure remains). Select Delete all files and folders in… to delete all files and folders associated with the user, then click Yes. Click Cancel if you do not want to delete the user.

 Renaming a User

To rename a user on an FTP host:

1 In the user list, select the user, and then select Rename from the right mouse menu.

2 Enter a new name for the user.

40 The name of the user’s top directory is changed, but the old folder and all files and folders within are left unchanged. You can change the user’s full name in the users options.

Chapter 6 Managing Folders

Managing Folders

This chapter describes how to set up and manage folders on an FTP host, and how to manage permissions on the folder.

Using Folders and Virtual folders

With WS_FTP Server:

You can grant access to any folder on your local system

You can create virtual folders that reference or ‘point to’ any folder on your local system.You can then grant permissions to a user or a user group for each

folder. If a user has permissions to a virtual folder, when they log on to the FTP host, the folder appears in the top directory of the host.

Granting Access to a Folder

To add a new folder to an FTP host:

1 In the left pane, expand the FTP host, and then select Folders. The folder list appears in the right pane.

2 Click Add. The Folder Permissions dialog appears. Using Folders and Virtual

FoldersGranting Access to a FolderAdding a Virtual Folder Granting Permissions for FTPFolders.

3 Enter the full path in the Directory box or click the Browse (…) button to select the

folder on your local system.

4 Click OK to add the folder to the folder list.All new folders, by default, grant list and read permissions to a special user group called everyone (which includes all users and anonymous users). To view or change permissions for the folder, see “Granting Permissions for FTP Folders” on .

Adding a Virtual Folder

A virtual folder name is an alias for the real folder, thus it can have any name — it does not,and should not have to be the same name as the folder to which it references.

To add a new virtual folder to an FTP host:

1 In the left pane, expand the FTP host, and then select Virtual Folders. The virtual

folder list appears in the right pane.

2 Click Add. The first screen of the New Folder wizard appears.

3 Enter a name for this “virtual” folder and click Next to continue.CHAPTER 5

4 Enter the local directory for which you are creating a virtual folder and click Next to

continue. The path must contain the drive letter to be a valid path. For example:

5 Click Finish to create the new folder.

All new virtual folders, by default, grant list and read permissions to a special user group called everyone (which includes all users and anonymous users). To view or change permissions for the virtual folder, see “Granting Permissions for FTP Folders” below.

 Granting Permissions for FTP Folders

You can grant permissions for any folder or virtual folder shown in their respective list. If you want all users on the FTP host to have permission for a folder, you can grant the permissions to everyone (this includes anonymous users). If you want users who log on anonymously to have permissions for a folder, you can grant the permissions to anonymous.

To grant permissions for a folder:

1 In the left pane, expand an FTP host, select Folders and select the folder from the list.

2 Click Edit. The folder properties appear.

3 In the User/Group list, select the user or user group for which you want to set or edit

permissions. Click Edit. The Permissions dialog appears.

4 If the user or group is not already in the list, click Add. The Permissions dialog appears.

5 Select the user or user group from the list. The permissions for that item appear.

6 Select the Permissions options:

No Permissions. No access to the folder. When logged on, the user or group will not see this folder. All Permissions. Read, Write, Delete, Rename, and List access.

Read. The user can download files from the folder. Write. The user can upload files to the folder. Delete. The user can delete files and folders in the folder. Rename. The user can rename files and folders in the folder. List. The user can display a listing of the folder contents. Specified Permissions. The user or user group has the selected permissions.

7 Optionally, select another user or user group and set their permissions.

8 Click OK to save your changes. To grant permissions for a virtual folder:

1 In the left pane, expand an FTP host, select Virtual Folders and select the virtual

folder from the list.

2 Click Edit. The virtual folder properties appear.

3 In the User/Group list, select the user or user group for which you want to set or edit

permissions. Click Edit. The Permissions dialog appears.

4 If the user or group is not already in the list, click Add. The Permissions dialog appears.CHAPTER 5

5 Select the Permissions options:

No Permissions. No access to the folder. When logged on, the user or group will not see this folder. All Permissions. Read, Write, Delete, Rename, and List access. Read. The user can download files from the folder.Write. The user can upload files to the folder. Delete. The user can delete files and folders in the folder. Rename. The user can rename files and folders in the folder. List. The user can display a listing of the folder contents. Specified Permissions. The user or user group has the selected permissions.

6 Optionally, select another user or user group and set their

permissions.

7 Click OK to save your changes. Notes on granting permissions

To set up an “upload” folder, you can grant Write permission only — this lets users

upload a file or folder, but they cannot list the contents of the Upload folder and they

cannot upload a file that has the same name as an existing file. You can add Delete permission if you want users to be able to overwrite an existing file.

To set up a “download” folder, you can grant List and Read permissions — this lets

users list the contents of the folder and download a file or folder.

NT Permissions on Windows 2003

NT permissions will work on Windows 2003 computers. To use this:

1 Set up a virtual folder to the top level folder you want to grant access to, and give rights to users and groups.

2 Using the NT permissions, set further restrictions on subfolders and files. Note: WS_FTP Server will use the highest restriction level set, so you can restrict users from areas that NT would grant permissions with by setting stronger permissions on the virtual folder.

Changing Folder Properties

To view or change folder properties:

1 In the left pane, expand the FTP host, and select Virtual Folders. The virtual folder list appears in the right pane.

2 Select the virtual folder and click Edit. The Virtual Folder properties dialog appears.

3 In the Directory box, enter the path of the directory for which you are creating a virtual folder. Use the Browse button to search your directories for the path.

4 You can increase security by selecting either Viewable only with 40-bit SSL or higher or Viewable only with 128-bit SSL or higher. Clients that do not have SSL enabled will not be able to view the folder when this option is selected.

5 Select Propagate these permissions to all sub-folders if you want all folders in this directory to have the same permissions.

6 Click OK to save your changes.

6.7 Changing Virtual Folder Properties

To view or change virtual folder properties:

1 In the left pane, expand the FTP host, and select Virtual Folders. The virtual folder list appears in the right pane.

2 Select the virtual folder and click Edit. The Virtual Folder properties dialogappears.

3 The Name box shows the folder name. To change the folder name, in the left pane,

right-click the name, select Rename from the right-mouse menu, and enter the new

name.

4 In the Destination box, enter the path of the directory for which you are creating a virtual folder. Use the Browse button to search your directories for the path.

5 To have virtual folders appear in user’s home folders, select the Include in user home folder listing option. When this option is selected, Do not include in top-level directory listing will also be enabled. Note: If you want to create a virtual folder that references a folder on the local network, you must either:

– Run WS_FTP Server under a user account that has Windows NTpermissions for that folder.- Use the NT User Database with NT file and directory permissions. In this

case, the user must have access to the network path.HAPTER 5

6 You can increase security by selecting either Viewable only with 40-bit SSL or higheror Viewable only with 128-bit SSL or higher. Clients that do not have SSL enabledwill not be able to view the folder when this option is selected.

7 Click OK to save your changes.

 Removing a Folder

To remove a folder or virtual folder from an FTP host:

1 In the left pane, select Folders or Virtual Folders.

2 Select the folder or virtual folder in the list and then click Remove. The folder is removed from the list, but the folder or directory to which it points remains.

Renaming a Virtual Folder

To rename a virtual folder:

1 In the left pane, select Virtual Folders.

2 Select the virtual folder in the virutal folder list, and then select Rename from the rightmouse menu.

3 Enter a new name for the folder.

Chapter 7 Using Rules

Using Rules

This chapter describes Rules and how to configure them. Rules canbe used to monitor the FTP Server and send you a message, or takeaction, when an event occurs.Rules can trigger a notification to send a message or to run a program. For information on defining a notification, see “UsingNotifications” on

About Rules

With the Rules feature, you can set up WS_FTP Server to preventor allow actions (such as a file upload or download) based on userID, and/or file types. You can also notify yourself, or another user,when an event occurs on the server.You can set permissions for an action (such as file upload) for anindividual user or by user group.

If a rule is set to send a message via e-mail, pager or SMS, theWS_FTP Server sends the notification using the IpswitchNotification Server.A rule can also launch a program when an event occurs. In thiscase, the Notifications server is not used because WS_FTP Serverruns the program locally.

The Rules List

The Rules List is where you add, edit, delete rules and set theprocessing order.The list shows all rules that you have created and the file mask(which determines which files are affected) applied to the rule. Therules are processed in the order listed.

Click Add to create a new rule by using the New Rule wizard. You can select from the following rule types:

Click Edit to edit the selected rule.Click Duplicate to add a new rule by copying the one selected and editing it.Click Remove to delete the selected rule.The server processes the rules by starting at the top of the list and working down. You canmove rules within the list to change the processing order.Click Move Up to move the selected rule up the list, thus moving it up in processing order.Click Move Down to move the selected rule down the list, thus moving it down inprocessing order.

Configuring Rules

1 In the left pane of the WS_FTP Server Manager, select the FTP host, and then select

Rules. The Rules list appears in the right pane.

2 In the Rules list, click Add. The first screen of the Rules wizard appears.

3 Select the rule type you want to set up, then proceed through the screens and enter theappropriate information to set up the rule, including:

Remote Rule Configuration

To give you the ability to remotely configure rules, you must select the Enable remote ruleconfiguration option on the General System Settings dialog.

 Rules Processing

When the selected event occurs (for example, a user uploads a file), WS_FTP Server doesthe following:

Compares the file name and the user ID with each rule for that event.

If WS_FTP Server finds a match, it checks if the user is permitted or not permitted to perform the action.

After permitting or denying the action, WS_FTP Server then sends all notifications thatare assigned to the rule.

If there is not a match, WS_FTP Server used the default action for that event and permits or denies based on that setting.

Note: The Notification Server must be configured. See “Configuring the Servers for Notifications” on page 58.

 Chapter 8 Using Notifications

Using Notifications

This chapter describes how to set up and configure notifications.Notifications can be used with rules to monitor the IpswitchWS_FTP server and send a message, or take an action, when anevent occurs.For information about setting up rules, see “Using Rules” on

About Notifications

A file transfer event, such as a file upload or a file download, cantrigger a notification that sends a message to a user or thatlaunches another application. This allows you to automate certainprocesses, such as:

Inform you (the server administrator) when a disk quota orfailed login limit is exceeded.

Inform a user that a file has arrived on the server and is readyfor the user to download

When a file is downloaded, send a message

When a user exceeds their disk quota, send a message

When a file is uploaded, launch an Anti-Virus program to scanfor viruses

Notification Types

There are four types of notifications: a message sent through email,pager, or SMS; or a command to launch an executableprogram. For the first three, the notification defines how themessage will be sent and to whom. These notifications aretriggered by a rule, and are processed by the Notifications Server.E-Mail. Sends a message to an e-mail address.Pager. Sends a message to a pager via a dial-up account.SMS. Short Message Service (SMS) is a service for sending messages of up to 160characters (224 characters if using a 5-bit mode) to mobile phones that use GSM (GlobalSystem for Mobile communication). SMS is similar to paging. However, SMS messages donot require the mobile phone to be active and within range and will be held for a number ofdays until the phone is active and within range. SMS messages are transmitted within thesame cell or to anyone with roaming service capability. They can also be sent to digitalphones from a Web site equipped with PC Link or from one digital phone to another.The fourth type of notification, a Program notification, is also triggered by a rule, butinstead of sending a message, it launches a program or a batch file. The program or file mustbe on the same PC that the Ipswitch WS_FTP Server is running on. Program notifications donot use the Ipswitch Notifications Server.

 Notification Server Manager

During installation of Ipswitch WS_FTP Server, you select to install the Ipswitch

Notifications Server on the same PC, or another PC.The Ipswitch Notification Server listens (default port 2001) for notification requests fromWS_FTP Server andprocesses the request to send a message through e-mail, pager, or SMSservice.The Notification Server processes and handles notification events, leaving WS_FTP Serverresources free to handle file transfers. The Notification Server Manager lets you configure

the logging and account information necessary for the Ipswitch WS_FTP Server to communicate with it.

 Configuring the Servers for Notifications

To use e-mail, SMS, or pager notifications, you must configure both the WS_FTP Server

and the Ipswitch Notification Server to communicate with each other. This section describesthe overall process.

1 Use the Notification Server Manager to configure these settings for the Notifications

server. On the PC on which you installed the Ipswitch Notifications Server, select

Programs -> Ipswitch Notification Server -> Notification Server Manager.

Create a user account for the WS_FTP server. When WS_FTP Server generates a

notification request, it logs on to the Notification Server using this account. This

account provides security for the Notification Server by limiting the access needed

to send a notification.

Set the port where the Notification Server listens for a request. The default is 2001.

Configure the logging of notification eventsThe table shows the required settings. Click Help on the screen for more information.

2 Use the WS_FTP Server Manager to configure the settings that tell it how to communicatewith the Notifications Server.To do this, in the WS_FTP Server Manager, in the left pane, select the FTP Server(usually Local System). Then, select Notification Server Settings and enter theappropriate settings. The table shows the required settings. Click Help on the screen formore information.

3 Use the WS_FTP Server Manager to create notifications and the rules that trigger them.

The Notifications Library

The Notifications Library shows the notifications that you can assign to a rule or multiplerules. This is where you create a new notification, test it, edit a notification, or remove itfrom the library.Notifications are listed in a tree-branch formation in the left column of the WS_FTP Server.Each type of notification has its own branch on the tree. When a notification type is selected,the right pane lists all configurenotifications of the selected type.

Editing a Notification

To edit a notification:

1 Select the notification and click Edit, or double-click the notification. The settings forthat notification appear.

2 Make any changes.

3 Select Ok or Apply to save your modifications.

Deleting a Notification

To delete a notification, select the notification and click Remove. The notification is deletedfrom every rule in which it is used.

Using Notifications- A Simulation

This section uses the e-mail notification to provide an example of how you can use

notifications and rules to monitor your FTP server.In the example, suppose you are the FTP Administrator for the Broad Street Printingcompany. When a customer has a document to be printed, he uploads the files to your FTPserver. The Print Production Manager has asked you to let her know when files are uploadedto the PrintReadfolder.

To accomplish this, you do the following:

Create an e-mail notification that can send a message to the Print ProductioManager.

Test the notification.

Create a rule to monitor uploads and assigns the notification to it.

1 In WS_FTP Server Manager, you expand the tree items in the left pane.

2 You expand the Notification Library, and select Send Email. The e-mailnotification listappears in the right pane.

3 In the right pane, you click Add to start the e-mail notification wizard.notification wizard has six screens. To define this notification, you enter thefollowing information on each screen:

4 You review the settings in the Notification Summary, then click Finish.The E-mail list appears with the new notification displayed.

Option: You enter:

NotesDisplayName: “PrintReady message” This is the display name used in the lists.

You’ll use this name to select thenotification when you create a rule.E-mail Gateway: 156.21.50.10 This is the IP address of the mail serveron Broad Street’s network.

From Address: FTPadmin@broadstreet.com Some mail servers check that the From

address is valid before accepting themessage. You can enter your e-mailaddress here.

To Address:productionmgr@broadstreet.comThe message is sent to this address.

Subject: File %simplename is ready The subject line uses the %simplenamevariable to report the file name.Notification.CHAPTER 7

5 Having completed the notification, you test it. From the Notifications list, select the

PrintReady notification, then click Test. Verify that the Print Production Manager

received the message.

6 Now, you create a File Upload rule for the PrintReady folder and assign the new notificationto it.In the WS_FTP Server Manager, you expand Rules, and select File Upload. The FileUpload rules list appears in the right pane.In the right pane, you click Add to start the Rules wizard.The rules wizard has 4 screens. To define the rule, you enter the following information:

7 You review the settings in the Rule Summary, then click Finish. The File Upload Ruleslist appears with the new rule displayed.

8 When your customer, in this case named Ipswitch, uploads a file to the PrintReady

folder, the FTP server sends an e-mail notification to your Print Production Manager.

The e-mail message looks something like this:

Chapter 9 Configuring SITE Commands

Configuring SITE Commands

With the Site Command feature, server administrators can useWS_FTP Server to create customized FTP commands that userscan use to execute applications on the FTP server.

Adding a Site Command

To add a new Site command

1 In the left pane of the WS_FTP Server Manager, expand theFTP host and then select Site Commands. The Site Commandslist appears.

2 In the Site Command list, click the Add button. The first windowof the Custom Site Command wizard appears.

3 Enter the name of the site command in the text box. Click Next. The HostCommand

Executable screen appears.

4 Enter the full path for the file that is to be executed when the site command is run, orselect it by clicking the Browse (…) button. Click Next. The Program Arguments

screen appears.Note: Never use server side applications (such as Notepad oWordpad) asthe executed program in a site command. Using these will display nothing forthuser, but each time the command is run, a new copy of the program isopened on the server.

Note: If using a batch file, you must enter CMD.exe in the Host CommandExecutable dialog. In the Program Arguments dialog, enter the full path ofthe batch file quotation marks. For example: “c:\iFtpSvc\jump.bat”

5 Enter %1-%5 for the allowed number of user defined variables, as well as any commandline arguments that are to be used when the command is executed. Spaces are delimitersfor arguments, so a single argument with a space will be treated as two, unless the entireargument is in quotation marks.

6 Click Next. The Summary window appears.

7 Review the information displayed to make sure it is correct. If the information is correct,click Finish to add the command. If the information needs to be changed, clickBack to move to the window that needs to be changed.After you set up the site command, you can add or change permissions for the command.

Modifying Site Command Properties

To view or change the properties for a SITE command:

1 In the left pane of the WS_FTP Server Manager, expand the FTP host and then selectSite Commands. The Site Commands list appears.

2 Select the site command and click Edit. The Site Command dialog appears.

3 Make changes to any of the properties.

Note: If you allow user-defined variables, it is suggested to select the Send Output option on the SITE Command Properties window after you set up thecommand. If this is not done, only a general success or failure message willbe returned to the user onthe server.Command. The name of the SITE command. This is also the command that is used toexecute the program. This property cannot be changed.Executable. The path and file name of the application that is run when the correctcommand is given. This can be changed by typing the full path and file name of theapplication, or by clicking the Browse (…) button and selecting the application from abrowse dialog box.

Arguments. Number of available user-defined variables that can be used with the

command (up to 5), as well as command line arguments.Send Output. When this option is selected, all output generated by the server will beshown to the user as the command is executed. If the option is cleared, no output will bereturned other than a success or failure message. Command variable errors will not bereturned unless this option is selected.Permissions. A list that displays which users are able to use the site command. ClickAdd to add new permissions. To delete a user’s permission, select it in the list and clickRemove.

4 Click OK to save the changes.

Modifying Site Command Permissions

To control who can use a command:

1 In the left pane of the WS_FTP Server Manager, expand the FTP host and then selectSite Commands. The Site Commands list appears.

2 Select the site command and click Edit. The Site Command dialog appears.

When the command was set up on the WS_FTP Server Manager, it automaticalladded anentry to the Permissions box that allows all users to use the command.

3 If you want to change the permission, select the default permission value and click

Remove. This will delete the permission.

4 Click Add to view the Permissions properties.5 In the Permissions properties, associate the user or group of users with the appropriateaccess to the command. In the case of site commands, permission is either all or none.

6 Click OK to add the user.Note: Permissions are used in the order in which they appear in thePermissions list. If a user appears at the top of the list, and that same user isbelow it in a group, the permissions set on the user will be used before permissions for the group.

Chapter 10 Managing FTP Hosts

Managing FTP Hosts

This chapter describes how you can use the WS_FTP Server Manager to manage FTP hosts from the local host or from aremote location.

Copying the Server Manager to a Remote Host

You can copy the WS_FTP Server Manager install program (mgrinst.exe) to another Windows NT, or Windows 2000 system andrun it to install the Server Manager which allows you to manageFTP hosts remotely.If you installed WS_FTP Server from a CD-Rom, you can use theCD-Rom to install the Server Manager on another Windows NT orWindows 2000 system to manage your server remotely.

Connecting to the WS_FTP Server

To connect to the FTP server:

1 Start the WS_FTP Server Manager.

2 In the left pane, select WS_FTP Servers.

3 In the right panel, click Connect. The Logon dialog boxappears.

4 In the IP Address box, enter the IP address of the host onwhich the FTP server is installed. (Note that you can connectto the server from the same host on which it is installed.)Note: If using NT User database with Active Directory onWindows 2000, FTP Administrators must also be a member ofan Admin group (or some other group to give them permissionto write to the NT registry).

5 In the Server port box, if your WS_FTP Server is not using port 21, change the portnumber to be assigned to the port.

6 Enter your User ID and Password. You must be a Host Administrator to access a particularFTP host, or a System Administrator to access all FTP hosts.

7 Click Use SSL to make a secure connection to the server.

8 Click OK. The Server Manager connects to the FTP server.

In the left pane, you will see the IP Address of the FTP server. Select the IP Address andexpand it to show the FTP hosts on the FTP server. You can make changes to FTP hosts,users, and folders (your access to FTP hosts and users depends on whether you are theSystem Administrator or the Host Administrator — see user properties for moreinformation).For the most part, you can use the same Server Manager functions that you can use if youwere on the local system, but note the following differences:

You cannot stop or start the server.

Any changes you make remotely occur immediately, without stopping and restarting theserver (except the server port).

You can change the server port, but it does not take effect until the server is restarted.

After making changes remotely, select Refresh from the View menu (or press F5) to

make the changes also appear under the Local System.Click Disconnect to end the session and close the Server Manager.

 Monitoring Active FTP Sessions

When connected to the FTP server from a remote system (or from the host on which it isinstalled), you can use the WS_FTP Server Manager to view and monitor active connectionsto the FTP server.

To view active sessions:

1 In the left pane, select Local Host. The Local Host properties list appears in the rightpane.

2 Click Session Manager. The Session Manager window appears.

Server Statistics

The Session Manager window reports the following WS_FTP Server statistics. Connectionand File statistics represent the count since the server was last started, or since the counterwas reset.Connection statistics: Current number of connections, Maximum number of concurrentconnections, Total number of connections.

File statistics: the number of files Transmitted (downloaded), Received (uploaded), andDeletedTransmits in progress: The number of downloads in progress.Receives in progress: The number of uploads in progress.Click Reset to zero the counters within the WS_FTP Server. Note that these are the samevalues you can view and chart in the Windows NT Performance Manager (for moreinformation, see “Monitoring FTP Server Statistics” on).

 Active Sessions

The Session Manager window shows all active connections from an FTP client (FTP

sessions) or from a WS_FTP Server Manager to the FTP server. For each connection, theSession Manager shows:

Address. The IP address of the FTP client or remote WS_FTP Server Manager.

Host. The FTP host to which the client is connected. If there is only one FTP host on theWS_FTP Server, this column does not appear.User. The User ID used to connect to the host.Directory. The last directory accessed during this session.LastCommand. The last FTP command issued by the client or Server Manager.Idle. The number of seconds the session has not received a command or data from the clientand has not sent a response or data to the client for the reported number of seconds. You can

control the amount of idle time allowed for a session by setting a Timeout value in the host’sproperties.TA (Transfer Active). Indicates that a data channel is active for a session. If it shows avalue of 1, the RETR or STOR command is currently active, which means data is beingtransferred (retrieved or stored). If it shows a value of 0, the data channel is inactive.To update the list of active connections, click Refresh.

To end a session, select the session’s Address and click Kill. The listing automatically

refreshes, but may take a few seconds.

Monitoring FTP Server Statistics

You can use the Windows NT Performance Manager to monitor statistics reported by theWS_FTP Server, including the number of concurrent connections, the total number ofconnections since the server started (or was reset), and the number of files transferred.To display WS_FTP Server statistics:

1 From the Start menu, select Programs->Administrative Tools (Common)->Performance Monitor. The Windows NT Performance Monitor appears.

2 From File menu, select New to create a new chart. See the Performance Monitor’s helpsystem for information on using charts.

3 From the Edit menu, select Add to Chart. The Add to Chart dialog box appears.

In the Computer box, select the Windows NT name of the computer on which the

WS_FTP server is installed. (The default is the local computer, but you can also connectto another computer on the local network.)In the Object box, select Ipswitch WS_FTP Server. The WS_FTP server countersappear in the Counter list.Select a counter and click Add to add it to the chart.Click Explain to display a brief description of the counter.

4 To save the settings to a file, select Save Chart Settings from the File menu.

Chapter 11 Conclusion

 Conclusion

Comparing to wired network , networks are costly are costly , noisly and unreliable . From my study I have also realized that security is a major issue of LAN, so researchers should more study for the security development of LAN.As LAN become popular and given the poor performance of TCP over LAN links becomes more relevant, more  detail studies are necessary.

I have also studied the efficiency of  Local Area Network and not only that but also I found that though theoretically it can cove 300ft but it covers only 100 ft.

Future Works

Firstly, the poor performance of TCP in WLAN can be researched for further development. Another area of further research is to elimination of two major problems hidden station problem and exposed station problem.

As there are many new features IEEE 802.11, such as CSMA/CA scheme with acknowledgement , Network Allocation vector (NAV) for deferring access to the channel , and two short farms for reserving the channel. With all these new features, IEEE 802.11 theoretically provides better MAC services in terms of quality services . However, these features might increase the overhead and reduce throughput.

It is also planned that wireless LAN will be finally used also as alternative access networks to 3rd generation cellular devices. Interchangeability between future wireless LANs (Hiper LAN/2) and wide Band Cellular protocols(w-CDMA) will support this feature. So future research may be done on how to access from WLAN to 30 backbone network.