Permission inheritance issue

Re: Permission inheritance issue

Where's all the System Administrators on the forum ??????

Re. Your issue:
Your issue relates to folder permissions. Why is the ftp scan/file sent(TX) with explicit/inherited permission that are void in the received(RX) folder? You would believe the scanned file should accept the inherited folder permissions when it's received(RX). Are you logging into the scan share folder from a limited user account with limited access rights? How many different access rights are set upon the share folder? Is the ftp server local or on the internet? Have you tried using scan to SMB? How is the O/S firewall configured for private and public access ?

Re. Applet hacks:
There are many and various solutions when solving the same operator system problem ie., there is more than one way to skin a cat... Delving into the politics of Operating Systems access is not one of my favourite topics. Being a Tech your probably not going to get much help from any Sys-Admin I.T. when it comes to security issues.

cd\share_folder
icacls * /RESET

Resetting the general access rights does not give ownership of the file or folder.

BTW. Thanks for posting this thread. You made me get off my asset an look further at your issue. Along the way I had a light-bulb moment, an I feel I may have found a solution to an totally unrelated software problem I've been working on. I have come across a similar issue that you have discribed with loss of access to PC general directories. In frustration I sometimes just reset my operating system when I lose folder access. I like to believe I have full control over the ON/OFF an RESET switch. Hackers can't seem to write a software hack for the reset switch. I load a RESET image file CD, sit back with cup of coffee, and 30min later where back on line.

Re: Permission inheritance issue

Its a very simple peer-peer network with a couple of laptops one white box and the machine(KM B601).
The white box i change to static and used FTP utility on there. I simply shared the RX folder.
Newly created files from that computer or the others in that folder works.

So FTP utility should then be the problem.

There is no settings on the machine i know about relating to file ownership??

I will give SMB scan a try. But don't like SMB because of the NTLM/SMB version trouble shooting bit on it concerning older machines.
If that works then FTP utility would be the problem i would think.

... Why do i always think of these things to late. I will scan using the public user from the machine?
Could be because of Account Track on the machine??

Re: Permission inheritance issue

I still think scan to SMB is the fastest, most secure method of scanning, but it has become more complicated of late.

For my business customers, it's still my first choice because they generally have the infrastructure to support it, especially since they're primarily scanning to a server as opposed to individual workstations. To get past permissions issues, I have them create either an Active Directory account for the copier, or a local account on the server if there's no AD, that has full permissions to the scan folder. For added security, I have the admins set the security profile for the account to deny it the ability to log onto any computer locally or through RDP so that it can only be used to access the folder. Depending on the size of the customer, either the share or NTFS permissions are set to allow the correct user(s) access to the folder.

It's worked quite well, and when I get the chance, I'll get a copy of the procedure I use and post it here. So far, other than issues related to older equipment or poorly configured networks I haven't had any issues with the set up.

In terms of Scan to FTP, it's effective but I find a lot of my customers have become very security conscious and are leery of having a service running on their network that doesn't require authentication or that can't be filtered.
Scan to email is also great, except that it can be even more of a hassle because of the tightening of email security, and also since most MFP's really don't offer any kind of full security in terms of the contents of the email so I won't even offer it to customers looking to send any kind of financial or medical information.

Sent from my Classic using Tapatalk

Re: Permission inheritance issue

I don't use ftp utility anymore because I think using IIS is easy and better. It is ftp utility that causes the lock as I have tested this. I have heard from one of my co-workers that the lock doesn't happen if you scan to the users desktop and not the C Drive.

Here is a tutorial I created to scan to konica minolta device using IIS. It runs as a service and works very well.

Scan via FTP using IIS.pdf

Sent from my Nexus 6P using Tapatalk