Have an issue with removing a user from a group for FTP and expecting that user not to retain FTP access.
Setup:
- Basic lab vm setup (virtualbox)
- Server 2008 R2, FTP 7, IIS 7
- FTP Authentication - Basic enable, anon disabled
- FTP Authorization - user allow rule and group allow rule, both read/write
- FTP SSL Settings - require sll and use 128 bit
- ftpgroup - not a memberof anything else
- testuser1 - domain users, ftpgroup
- testuser2 - domain users
- testadmin - domain users, admins, domain admins (works as expected with allow rules, haven't tried within a group)
Issue
- Setup testuser1 and added testuser1 to ftpgroup. Tested with FTP client, everything works as it should.
- Remove testuser1 from ftpgroup, tested with FTP client, I expect a 530 error, but the user still retains access. I'm forgetting to do something here I think.
- Create testuser2 and then an allow rule for testuser2, tested with FTP client, it works
- Remove that allow rule for testuser2, test with FTP client, I get the 530 error (expected this)
- Side note - remove allow rule for ftpgroup, test with FTP client - 530 error
I feel as if I am forgetting to do something with the group and thats why the user retains access. Any help is greatly appreciated.
tuck