Re: Serv-U

Dale E. Reed Jr. ( (no email) )
Fri, 09 May 1997 17:31:41 -0700

David Kerr wrote:
>
> I have two machines. The primary domain controller is running emerald and
> RadiusNT.
> The other machine is running web (IIs3.0) and Serv-U.
>
> The Web machine is a stand alone server and is part of the NT domain.
>
> I have Serv-U running now as a service on the web box logging in as a
> global User of the NT domain.
>
> What ever user serv-u thinks emerald is ok'ing is not getting access to
> commands such as ls,get,,,,,,.

Here is the log file intepretation:

Fri May 09 16:37:32 1997 HandleClientEvent 3: MANDY
Fri May 09 16:37:32 1997 HandleClientEvent 3: mandy
Fri May 09 16:37:32 1997 LoadUser MANDY
Fri May 09 16:37:32 1997 LoadUser Good
Fri May 09 16:37:32 1997 mandy Added to
cache
Fri May 09 16:37:32 1997 HandleClientEvent 3: Status: 1

We OKed the Password.

Fri May 09 16:37:32 1997 HandleClientEvent 24: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 24: Status:
0

We don't care about one login per IP.

Fri May 09 16:37:32 1997 HandleClientEvent 2: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 2:
\\WEB\D$\InetPub\phonet\mandy
Fri May 09 16:37:32 1997 HandleClientEvent 2: Status: 1

The user's home dir is \\WEB\D$\InetPub\phonet\mandy. I caution
AGAINST using \\machine\d$ because its an administrator share and
requires administrative credentials to work.

Fri May 09 16:37:32 1997 HandleClientEvent 13: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 13: Status:
0

We don't allow access to hidden files.

Fri May 09 16:37:32 1997 HandleClientEvent 14: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 14: Status:
1

use Relative pathing

Fri May 09 16:37:32 1997 HandleClientEvent 15: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 15: Status:
0

We don't care about ratios.

Fri May 09 16:37:32 1997 HandleClientEvent 20: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 20: Status:
0

Disk quota not enabled.

Fri May 09 16:37:32 1997 HandleClientEvent 1: MANDY
Fri May 09 16:37:32 1997 mandy Found in
cache
Fri May 09 16:37:32 1997 HandleClientEvent 1: Status: 0

No login message file.

Fri May 09 16:37:33 1997 HandleClientEvent 10: MANDY
Fri May 09 16:37:33 1997 mandy Found in
cache
Fri May 09 16:37:33 1997 HandleClientEvent 10: Status:
0

Do not allow directory changing.

The types I would be interesting in seeing in the log are:

#define SU_WriteFile 5 // verify write access
#define SU_ReadFile 6 // verify read access
#define SU_ModifyFile 7 // verify modify/delete file access
#define SU_ExecProg 8 // verify execute access
#define SU_ListDir 9 // verify dir listing access
#define SU_ChangeDir 10 // verify dir change access
#define SU_DeleteDir 11 // verify dir delete access
#define SU_CreateDir 12 // verify dir create access

If you see a status: 1, then it is allowed, status: 0 is not allowed.

-- Dale E. Reed Jr.  (daler@iea.com)_________________________________________________________________       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |    http://www.emerald.iea.com