Quota & Usermanagement in Win2K or Win2K3

Hi,
I have a question: I am doing some test on a server that will be used for shared hosting, consider the following directory structure:

- root
--- websites
---------- hosting0001
--------------- www
--------------- data
--------------- logs
---------- hosting0002
--------------- www
--------------- data
--------------- logs
---------- hosting0003
--------------- www
--------------- data
--------------- logs

i've created account (hosting0001, hosting0002, etc) that belong to different hostingclients. These account have the right to 'modify' things on 'their' directory (so the account 'hosting0001' has 'modify-rights on hosting0001\www, hosting0001\data and hosting0001\logs). The www-directory is the root of the corresponding website, the data-directory is directory that will contain access-databases and other stuff that shouldn't be accessible from the web directly, the logs-directory is used for IIS-loggings. The anonymous IIS-user (I used in this case only 1 account IUSR_MACHINE, other question: is it better to have different anonymous users, eg one for every website??) has 'Read & Execute', 'List folder contents' on the www-folder and 'Modify' on the data-folder (that user must be able eg to open the access-databases). Let's say I have configured a quota of 10 Mb for all those hosting-users (hosting0001, hosting0002, ...): the users who are using FTP to add information to those folders will be stopped once they reach the quota-limit of their useraccounts, that's nice, no problem.
When I use a component to upload documents to the data-folder, then of course the owner of that document is not the hostingaccount (hosting0001, hosting0002, ...), but it is the anonymous user IUSR_MACHINE and this is where it goes all wrong.... I cannot control the quota's of the hostingaccounts that way... Apparently you cannot set quota to a group, so how is this solved? And what to if want my clients to use more than one FTP-account...
How to solve this (without using additional soft)?
Thanks in advance,
Tim.

 

 

 

 

Top