The inability to copy remote files downloaded using client FTP Windows Vista program was investigated after an Access Denied Exception was thrown during copying the remote files. A subsequent Web search revealed three Microsoft Knowledge Base articles that explained the cause of the problem and one of them gave a link to a Microsoft Hotfix. This article presents a programmatic solution based on adding permissions to the files.
There are three computers: A, B and C. Computers A and B run Windows Vista, and are members of the same domain AB (Figure 1).
There are two domain accounts. One is a Standard User account. The other is an Administrator account. An X program, written in C#, may run in either account. This program performs two actions: executes the FTP client program on Computer B and copies files from a shared folder on Computer B to Computer A.
There is only one Administrator domain account. A shared folder exists to be accessible for Computer A. A Y program, written in C#, uses the FTP client program packaged with Windows Vista to download files from Computer C on demand to the shared folder.
There is an FTP Server that satisfies the requests coming from the communicated client on Computer B.
Figure 1. Connected Computers with shown Control and Data Flows
The X program on Computer A is written to require that the Y program on Computer B download a specific file from Computer C to the shared folder. Then, the X program copies that file to Computer A.
When the X program ran in the Standard User account on Computer A, some files were copied from Computer B and some were not. For files that were not copied, the X program displayed a Message Box with "access denied" because of an exception caught during the copy operation.
The following factors were considered during analysis:
Symptoms of the Problem
As we can see from the above examples, files that were downloaded with FTP on Computer B do not have the permission that allows the X program on Computer A to copy them to that computer.
Web Search Findings
Conducting information search for resources on the Web and reviewing data revealed the following Microsoft articles:
The first two Microsoft articles describe inheritance of permissions for copied or moved files.
The third Microsoft article describes the same symptoms that are described in this article.
Cause of the Problem
It becomes clear from the three articles that the "access denied" was caused by the faulty implementation of the download function of the FTP.exe in Windows Vista.
The third article describes the steps of FTP downloading: the Ftp.exe creates a temporary file in the %temp% folder, and after its successful downloading, it inherits permissions of its parent folder without changing permissions before moving it to the destination folder on the same partition. There is a link to the Microsoft hotfix: http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=973510&kbln=en-us
Another possible solution that is applicable is to programmatically add the needed Permission on the FTP downloaded files. A C# code example follows:
FileInfo fi = new FileInfo(fileNameVariable);
FileSecurity fs = fi.GetAccessControl();
//Name of a user account and type of operation associated with access rules below are
//used only as an example.
fs.AddAccessRule(new FileSystemAccessRule("Domain Users",
An example of the Permissions for an FTPed file after execution of the above code is shown on Figure 5.
Figure 5. Modified Permissions for an FTPed file
Executing the presented code changes permissions on the FTP downloaded files on Computer B will allow the X program on Computer A to copy the files to that computer. You can adapt this code example by selecting suitable for your company policy arguments to create your own programmatic solution.
My special thanks to my colleagues who supported me with their advice while they were waiting for this solution to be successfully applied. I own my deep gratefulness to Kevin Michaels without whom this task could not have been accomplished. I also thank Debie Urycki for proof reading and suggestions on corrections.
About the Author
Boris Eligulashvili was a Systems Software Architect at ViewRay, Inc. a medical device company developing advanced radiation therapy technology for the treatment of cancer at time of writing this paper. In his career, he has implemented many innovative software solutions for various software development projects.