I'm having trouble securing a new FTP site on a 2003 R2 box.My troubles are 2 fold. Firstly in order to log in at all users must be given access to the root directory of the site, allowing them to see the entire structure laid out there.What I need is to allow some users to see and access some parts of the tree but not others. To be able to navigate to the page (which seems to require read access to the root) without seeing everything on it.Is the solution to explicitly deny priviledges on all the sub folders below the root that I don't want seen?My second issue is that if I'm willing to look at the site as a set of blue links instead of a directory structure I don't even have to validate at all. Note that anonymous access is not allowed.

Note that even using explicit denial of rights users can still see folders to which they are denied access.

Bump, anyone?

Recently I came back to this issue and successfully implemented a blind downloader stlye account that prevented anyone from seeing the sites contents while still downloading (as long as they knew the path of the file they wanted to download). The solution is here: http://support.microsoft.com/default.aspx?scid=kb;[LN];314932 I do, however, have another problem with the site that I hope you might be able to help me with. No matter what permissions I place on any given user they are denied permission to upload files onto the site. The error message reads as follows... An error occurred copying a file to the FTP Server. Make sure you have permission to put files on the server. Details: 200 Type set to I. 227 Entering Passive Mode (IP ADDRESS PORTS). 550 (FILENAME): access is denied.