JT_SIRO
asked on
FTP setup in IIS
I'm setting up FTP in IIS for at least 50 people. I want them to access only their one folder.
I'm running Windows Server 2008 R2. I've followed a few tutorials and it hasn't quite worked yet.
I'm trying to us the User Isolation option, and have created a test folder:
c:\OurClients\JonDoe
Do I need to set up a windows user account for each of the 50 people? e.g., a user named JonDoe? Or are the users configured in IIS? Then also allow him in FTP Authorization?
I'm running Windows Server 2008 R2. I've followed a few tutorials and it hasn't quite worked yet.
I'm trying to us the User Isolation option, and have created a test folder:
c:\OurClients\JonDoe
Do I need to set up a windows user account for each of the 50 people? e.g., a user named JonDoe? Or are the users configured in IIS? Then also allow him in FTP Authorization?
Hi,
Here is just an example from previous posts i have answerwed. Form the sounds of it, your users are not in the localusers directory....
Do I need to set up a windows user account for each of the 50 people? e.g., a user named JonDoe?
--> For user security the FTP Service supports anonymous, which is not recommended, and there are also two ways of authenticating your FTP users:
Windows Authentication - Users are located in the Active Directory or local user store on the
dedicated FTP server.
IIS Manager Authentication - This is the new feature, where IIS Manager is used for user
administration and all users are added using IIS Manager and
authentication is handled by the new “IISManagerAuth” provider.
Then also allow him in FTP Authorization?
--> Yep
----
Please take a look here for user isolation with FTP 7.5 as the steps above are for IIS 6 FTP running on Windows 2008.
http://learn.iis.net/page.aspx/305/configuring-ftp-75-user-isolation/
FTP 7.5 for IIS7 Download -- http://www.iis.net/download/FTP (bottom right corner)
First, In FTP Authentication. Do you have Basic Authorization enabled? are are you using anonymous?
Secondly, In FTP Authorization Rules, Did you specify all the users as
Mode:Allow Users:administraotr Permissions:Read,Write
Mode:Allow Users:clientA Permissions:Read
Mode:Allow Users:clientB Permissions:Read
Are these domain users or locally created users? This is important for the physical directory path below ;)
IIS user isolation required that the phyiscal root directories be setup like such matching the user ID.
D:\FTP Sites\LocalUser\administra tor
D:\FTP Sites\LocalUser\ClientA
D:\FTP Sites\LocalUser\ClientB
D:\FTP Sites\LocalUser\ClientC
D:\FTP Sites can be anything, The KEY folder here is "LocalUser".
Don't forget to restrict NTFS permissions so that only administrators or the Machine\Client(A|B|C) can read/write to the specified folders.
USER ISOLATION:
Select the option "User name directory (disable global virtual directories) " in the FTP user isolation feature.
Now for the administrator. Here is the trick - Create a virtual Directory in IIS Manager under the D:\FTP Sites\LocalUser\administra tor\<call it Root or --Toplevel--> and have it point to the D:\FTP Sites\. Now your admin can login and go thorugh all folders with isolation setup.
User Account Types Physical Home Directory Syntax
Anonymous users %FtpRoot%\LocalUser\Public
Local Windows user accounts %FtpRoot%\LocalUser\%UserN ame%
Windows domain accounts %FtpRoot%\%UserDomain%\%Us erName%
IIS Manager or ASP.NET custom %FtpRoot%\LocalUser\%UserN ame%
Let me know if you have any issues,
Hades666
Here is just an example from previous posts i have answerwed. Form the sounds of it, your users are not in the localusers directory....
Do I need to set up a windows user account for each of the 50 people? e.g., a user named JonDoe?
--> For user security the FTP Service supports anonymous, which is not recommended, and there are also two ways of authenticating your FTP users:
Windows Authentication - Users are located in the Active Directory or local user store on the
dedicated FTP server.
IIS Manager Authentication - This is the new feature, where IIS Manager is used for user
administration and all users are added using IIS Manager and
authentication is handled by the new “IISManagerAuth” provider.
Then also allow him in FTP Authorization?
--> Yep
----
Please take a look here for user isolation with FTP 7.5 as the steps above are for IIS 6 FTP running on Windows 2008.
http://learn.iis.net/page.aspx/305/configuring-ftp-75-user-isolation/
FTP 7.5 for IIS7 Download -- http://www.iis.net/download/FTP (bottom right corner)
First, In FTP Authentication. Do you have Basic Authorization enabled? are are you using anonymous?
Secondly, In FTP Authorization Rules, Did you specify all the users as
Mode:Allow Users:administraotr Permissions:Read,Write
Mode:Allow Users:clientA Permissions:Read
Mode:Allow Users:clientB Permissions:Read
Are these domain users or locally created users? This is important for the physical directory path below ;)
IIS user isolation required that the phyiscal root directories be setup like such matching the user ID.
D:\FTP Sites\LocalUser\administra
D:\FTP Sites\LocalUser\ClientA
D:\FTP Sites\LocalUser\ClientB
D:\FTP Sites\LocalUser\ClientC
D:\FTP Sites can be anything, The KEY folder here is "LocalUser".
Don't forget to restrict NTFS permissions so that only administrators or the Machine\Client(A|B|C) can read/write to the specified folders.
USER ISOLATION:
Select the option "User name directory (disable global virtual directories) " in the FTP user isolation feature.
Now for the administrator. Here is the trick - Create a virtual Directory in IIS Manager under the D:\FTP Sites\LocalUser\administra
User Account Types Physical Home Directory Syntax
Anonymous users %FtpRoot%\LocalUser\Public
Local Windows user accounts %FtpRoot%\LocalUser\%UserN
Windows domain accounts %FtpRoot%\%UserDomain%\%Us
IIS Manager or ASP.NET custom %FtpRoot%\LocalUser\%UserN
Let me know if you have any issues,
Hades666
ASKER
Thanks for the responses.
I created a user JonDoe, in the group "Users" and added him to FTP Authorization along with my Administrator account. I was able to FTP into my root folder with JonDoe / password. Then I changed the Isolate User option to "User Name Physical directory", then I wasn't able to log into either.
My ftp root is: c:\MusicSearchTest
I created the folder at C:\inetpub\MusicSearchApp_ TEST\Local User\JonDo e
And I created the folder at c:\MusicSearchTest\LocalUs er\JonDoe
Everything looks right - Except maybe Hades,question:
"Are these domain users or locally created users? This is important for the physical directory path below"
I'm new to Win Sever and don't really know the answer to that question. I'll go research, but please let me know if you have any other suggestions to get the FTP isolation going.. Thx -
Justin
I created a user JonDoe, in the group "Users" and added him to FTP Authorization along with my Administrator account. I was able to FTP into my root folder with JonDoe / password. Then I changed the Isolate User option to "User Name Physical directory", then I wasn't able to log into either.
My ftp root is: c:\MusicSearchTest
I created the folder at C:\inetpub\MusicSearchApp_
And I created the folder at c:\MusicSearchTest\LocalUs
Everything looks right - Except maybe Hades,question:
"Are these domain users or locally created users? This is important for the physical directory path below"
I'm new to Win Sever and don't really know the answer to that question. I'll go research, but please let me know if you have any other suggestions to get the FTP isolation going.. Thx -
Justin
ASKER
Another thing to note:
I can get JonDoe to log in and default to the JonDoe folder when I select the "Do not isolate user - Start user in username directory". So the problem is strictly with the Isolate User option.
I can get JonDoe to log in and default to the JonDoe folder when I select the "Do not isolate user - Start user in username directory". So the problem is strictly with the Isolate User option.
ASKER
I am completely stuck... Loosing my mind here.
The one thing that stands out to me is that when I select "Do Not Isolate User - Start in: User directory", I am able to FTP in with my new user, 'JustinSirota', but it defaults to the root directory, not the folder I created called JustinSirota. So that could be why none of the Isolate user options are working, but WHY won't it go to my user folders?
MORE DETAILED SETUP INFO:
I had tried setting this up side-by-side with my .NET app Test environment FTP site, to keep it separate. For clarity's sake, I deleted that FTP site and am going to just try to get it going on my existing one. Still any of the Isolate User setting do not work. I get this from Fillezilla:
Command: USER Administrator
Response: 331 Password required for Administrator.
Command: PASS *********
Response: 530 User cannot log in, home directory inaccessible.
Error: Critical error
Error: Could not connect to server
C:\inetpub\MusicSearchApp_ TEST
In Explorer, here is my root directory:
C:\inetpub\MusicSearchApp_ TEST\Local User\Justi nSirota
C:\inetpub\MusicSearchApp_ TEST\Local User\Admin istrator
In case I misunderstood, I set up these folders:
C:\inetpub\MusicSearchApp_ TEST\Justi nSirota
C:\inetpub\MusicSearchApp_ TEST\Admin istrator
C:\inetpub\ftproot\JustinS irota
I have two users set up:
Administrator
JustinSirota
The one thing that stands out to me is that when I select "Do Not Isolate User - Start in: User directory", I am able to FTP in with my new user, 'JustinSirota', but it defaults to the root directory, not the folder I created called JustinSirota. So that could be why none of the Isolate user options are working, but WHY won't it go to my user folders?
MORE DETAILED SETUP INFO:
I had tried setting this up side-by-side with my .NET app Test environment FTP site, to keep it separate. For clarity's sake, I deleted that FTP site and am going to just try to get it going on my existing one. Still any of the Isolate User setting do not work. I get this from Fillezilla:
Command: USER Administrator
Response: 331 Password required for Administrator.
Command: PASS *********
Response: 530 User cannot log in, home directory inaccessible.
Error: Critical error
Error: Could not connect to server
C:\inetpub\MusicSearchApp_
In Explorer, here is my root directory:
C:\inetpub\MusicSearchApp_
C:\inetpub\MusicSearchApp_
In case I misunderstood, I set up these folders:
C:\inetpub\MusicSearchApp_
C:\inetpub\MusicSearchApp_
C:\inetpub\ftproot\JustinS
I have two users set up:
Administrator
JustinSirota
Did you follow the instructions and screenshots above? the steps are fine, what is missing is what you are trying to do.?
FTP ISOLATION is setup like such
FTP ROOT should be - C:\inetpub\MusicSearchApp_ TEST\
Localuser directories - C:\inetpub\MusicSearchApp_ TEST\Local User\Justi nSirota
Localuser directories - C:\inetpub\MusicSearchApp_ TEST\Local User\Admin istrator
USER ISOLATION is setup using the settings below:
Select the option "User name directory (disable global virtual directories) " in the FTP user isolation feature.
FTP Authorization in IIS Manager
Add JustinSirota and administrators to READ/WRITE.
Last, Don't forget to setup NTFS permissions so that JustinSirota can read/write to "C:\inetpub\MusicSearchApp _TEST\Loca lUser\Just inSirota".
Give it a shot.
This won't work
In case I misunderstood, I set up these folders:
C:\inetpub\MusicSearchApp_ TEST\Justi nSirota
C:\inetpub\MusicSearchApp_ TEST\Admin istrator
C:\inetpub\ftproot\JustinS irota
Let me know, I'll be around.
Cheers,
Hades666
FTP ISOLATION is setup like such
FTP ROOT should be - C:\inetpub\MusicSearchApp_
Localuser directories - C:\inetpub\MusicSearchApp_
Localuser directories - C:\inetpub\MusicSearchApp_
USER ISOLATION is setup using the settings below:
Select the option "User name directory (disable global virtual directories) " in the FTP user isolation feature.
FTP Authorization in IIS Manager
Add JustinSirota and administrators to READ/WRITE.
Last, Don't forget to setup NTFS permissions so that JustinSirota can read/write to "C:\inetpub\MusicSearchApp
Give it a shot.
This won't work
In case I misunderstood, I set up these folders:
C:\inetpub\MusicSearchApp_
C:\inetpub\MusicSearchApp_
C:\inetpub\ftproot\JustinS
Let me know, I'll be around.
Cheers,
Hades666
ASKER
I've gone over that several times and am quite sure I've done all that right, which makes me think it's a Win Server 2008 R2 thing. Again, I've never run one - I'm primarily a developer, wearing a new hat, and have found that nothing goes as easy as the tutorials... It makes me think it's a permissions issue... What environment did you just set up in?
I'm planning on going to the client site tomorrow, where I remote into. It's a Mac-run network with only a few MS machines on it, which shouldn't have anything to do with it, as I'm clearly able to port to my server.
It's probably going to be something stupid, which is what frustrates me so much!!! I'll keep you posted. Thanks!
I'm planning on going to the client site tomorrow, where I remote into. It's a Mac-run network with only a few MS machines on it, which shouldn't have anything to do with it, as I'm clearly able to port to my server.
It's probably going to be something stupid, which is what frustrates me so much!!! I'll keep you posted. Thanks!
ASKER
Something to note:
When I turn off user isolation and FTP log on as Administrator or JustinSirota - I navigate to the LocalUser folder and it won't open. I get 'Failed to retrieve directory listing'. This could be the source of the problem. But I don't know what that's happening. I checked the permissions on that folder and it should be accessible. Any other reason why that's happening?
When I turn off user isolation and FTP log on as Administrator or JustinSirota - I navigate to the LocalUser folder and it won't open. I get 'Failed to retrieve directory listing'. This could be the source of the problem. But I don't know what that's happening. I checked the permissions on that folder and it should be accessible. Any other reason why that's happening?
Provide screenshots of the IIS manager like i posted above.
As well, In IIS Manager under
1) SERVER\Sites\FTP Customer Isolation\LocalUser\FTPAut horization Rules
confirm settings for (Mode:ALLOW Users:Administrator,Jsiro Permissions:READ,WRITE)
2) SERVER\Sites\FTP Customer Isolation\
FTP USer Isolation is set to User name directory (disable global virtual directories)
3) check the Security permissions under windows Explorer.
Confirm Users (read & execute, List folder, Read)
Confirm Administrators (Full)
let me know, I'll be around - stuck i boring meetings.
Cheers,
Hades666
As well, In IIS Manager under
1) SERVER\Sites\FTP Customer Isolation\LocalUser\FTPAut
confirm settings for (Mode:ALLOW Users:Administrator,Jsiro Permissions:READ,WRITE)
2) SERVER\Sites\FTP Customer Isolation\
FTP USer Isolation is set to User name directory (disable global virtual directories)
3) check the Security permissions under windows Explorer.
Confirm Users (read & execute, List folder, Read)
Confirm Administrators (Full)
let me know, I'll be around - stuck i boring meetings.
Cheers,
Hades666
ASKER
Hey Hades - I got slammed with other work stuff last week. I'm still stuck on this! Here are screen shots...
p1.jpg
p1.jpg
While i am writing (extremely detailed) instructions for you, can you do the following for me and post the results.
open Command line and type the following.
c:\windows\system32\inetsr v\appcmd list sites
ex results are below
SITE "Default Web Site" (id:1,bindings:http/*:80:, state:Star ted)
-Hades666
open Command line and type the following.
c:\windows\system32\inetsr
ex results are below
SITE "Default Web Site" (id:1,bindings:http/*:80:,
-Hades666
ASKER
Here's the binding settings -
bindings.GIF
bindings.GIF
AH. Stop FTP_Site and try the settings above with Isolation. - The issue is you are using hte same IP and ftp host headers. Some clients do not awknowledge this setting.
-Hades666
-Hades666
ASKER
I actually just added FTP_Site to see if I could get it working on a different FTP site, in case MusicSearchTEST was corrupted or something. I stopped MusicSearchTEST and tried FTP_Site. I find myself in the same position, where I am able to see everything when Isolation is off and nothing when Isolation is on - "home directory is inaccessible" message.
Something to note - my appliaction pool is running in Classic mode, in case that has anything to do with it. I'm taking everything into consideration at this point...
I'm running IIS 7.5. Does it follow a new LocalUser structure? I'm going to look into that next.
Something to note - my appliaction pool is running in Classic mode, in case that has anything to do with it. I'm taking everything into consideration at this point...
I'm running IIS 7.5. Does it follow a new LocalUser structure? I'm going to look into that next.
No, I will send you complete details in a few. It will be a collection of all the posts above but detailed to the clicks.
If that doesn't work the there is something else blocking.
-Hades666
If that doesn't work the there is something else blocking.
-Hades666
Hi JT,
This is the best i can do at the moment. First remove the FTP bind from the default site and Delete the FTP Set you added. There should be no bindings on port 21 ftp... Next.
FTP Setup
1. Create Users in Local Users and Groups in Server Manager (See image6...)
2. Right click on Sites | Add FTP Site...
3. Site Information (See image1...)
FTP Site Name: FTP User Isolation
Phyiscal Path: c:\inetpub\wwwroot
4. Set Binding and SSL Settings (see image2...)
5. Set Authentication and Authorization Information (See image3...)
6. See SERVER\Sites\FTP User Isolation\FTP Authentication (see image5...)
7. See SERVER\Sites\FTP User Isolation\FTP User Isolation (see image6...)
8. See SERVER\Sites\FTP User Isolation\FTP Authorization Rules while SITE selected.
(see image11...)
Here you want All USers Read,Write.
Now modify the inherited permissions below....
9. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUSer folder selected.
(see image8...)
Here you want the administrator Account to Read,Write and All USers (Meaning any
auththenticated user Read.
10. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUser\FTPUser1 folder selected.
(see image9...)
Here you want the administrator & FTPUser1 Account to Read,Write
11. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUser\FTPUser2 folder selected.
(see image10...)
Here you want the administrator & FTPUser2 Account to Read,Write
12. Last step is to open Windows Explorer and modify the NTFS Permissions the folders as well similar to the above setup.
ex:
LocalUser folder | Administrator Full Access, Everyone Read
LocalUser\FTPUser1 folder | Administrator & FTPUser1 Full Access only
LocalUser\FTPUser2 folder | Administrator & FTPUser2 Full Access only
Customize these to whatever you wish.
IIS directory structure - (see image12..)
Windows directory structure - (see image13..)
*** You can test this via commandline
TESTING FTPUSER1 Isolation
C:\Users\Administrator>ftp WSE2008H1
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser1
331 Password required for FTPUser1.
Password:
230 User logged in.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
06-23-10 03:57PM 0 ftpuser1_root.txt
226 Transfer complete.
ftp: 62 bytes received in 0.01Seconds 4.13Kbytes/sec.
ftp> quit
221 Goodbye.
TESTING FTPUSER2 Isolation
C:\Users\Administrator>ftp WSE2008H1
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser2
331 Password required for FTPUser2.
Password:
230 User logged in.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
06-23-10 03:57PM 0 ftpuser2_root.txt
226 Transfer complete.
ftp: 62 bytes received in 0.00Seconds 62000.00Kbytes/sec.
ftp> quit
221 Goodbye.
C:\Users\Administrator>c:\ windows\sy stem32\ine tsrv\appcm d list sites
SITE "Default Web Site" (id:1,bindings:http/*:80:, state:Star ted)
SITE "FTP User Isolation" (id:2,bindings:ftp/*:21:,s tate:Unkno wn)
C:\Users\Administrator>
If you have FTP authorization issues, you will get this error.
C:\Users\Administrator>ftp WSE2008H1
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser1
331 Password required for FTPUser1.
Password:
530-User cannot log in, home directory inaccessible.
Win32 error: Access is denied.
Error details: Authorization rules denied the access.
530 End
Login failed.
ftp>
Let me know, Hades666
ee1.jpg
ee2.jpg
ee3.jpg
ee4.jpg
ee5.jpg
ee6.jpg
ee7.jpg
ee8.jpg
ee9.jpg
ee10.jpg
ee11.jpg
ee12.jpg
ee13.jpg
This is the best i can do at the moment. First remove the FTP bind from the default site and Delete the FTP Set you added. There should be no bindings on port 21 ftp... Next.
FTP Setup
1. Create Users in Local Users and Groups in Server Manager (See image6...)
2. Right click on Sites | Add FTP Site...
3. Site Information (See image1...)
FTP Site Name: FTP User Isolation
Phyiscal Path: c:\inetpub\wwwroot
4. Set Binding and SSL Settings (see image2...)
5. Set Authentication and Authorization Information (See image3...)
6. See SERVER\Sites\FTP User Isolation\FTP Authentication (see image5...)
7. See SERVER\Sites\FTP User Isolation\FTP User Isolation (see image6...)
8. See SERVER\Sites\FTP User Isolation\FTP Authorization Rules while SITE selected.
(see image11...)
Here you want All USers Read,Write.
Now modify the inherited permissions below....
9. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUSer folder selected.
(see image8...)
Here you want the administrator Account to Read,Write and All USers (Meaning any
auththenticated user Read.
10. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUser\FTPUser1 folder selected.
(see image9...)
Here you want the administrator & FTPUser1 Account to Read,Write
11. Modify SERVER\Sites\FTP User Isolation\FTP Authorization Rules while LocalUser\FTPUser2 folder selected.
(see image10...)
Here you want the administrator & FTPUser2 Account to Read,Write
12. Last step is to open Windows Explorer and modify the NTFS Permissions the folders as well similar to the above setup.
ex:
LocalUser folder | Administrator Full Access, Everyone Read
LocalUser\FTPUser1 folder | Administrator & FTPUser1 Full Access only
LocalUser\FTPUser2 folder | Administrator & FTPUser2 Full Access only
Customize these to whatever you wish.
IIS directory structure - (see image12..)
Windows directory structure - (see image13..)
*** You can test this via commandline
TESTING FTPUSER1 Isolation
C:\Users\Administrator>ftp
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser1
331 Password required for FTPUser1.
Password:
230 User logged in.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
06-23-10 03:57PM 0 ftpuser1_root.txt
226 Transfer complete.
ftp: 62 bytes received in 0.01Seconds 4.13Kbytes/sec.
ftp> quit
221 Goodbye.
TESTING FTPUSER2 Isolation
C:\Users\Administrator>ftp
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser2
331 Password required for FTPUser2.
Password:
230 User logged in.
ftp> dir
200 PORT command successful.
125 Data connection already open; Transfer starting.
06-23-10 03:57PM 0 ftpuser2_root.txt
226 Transfer complete.
ftp: 62 bytes received in 0.00Seconds 62000.00Kbytes/sec.
ftp> quit
221 Goodbye.
C:\Users\Administrator>c:\
SITE "Default Web Site" (id:1,bindings:http/*:80:,
SITE "FTP User Isolation" (id:2,bindings:ftp/*:21:,s
C:\Users\Administrator>
If you have FTP authorization issues, you will get this error.
C:\Users\Administrator>ftp
Connected to WSE2008H1.
220 Microsoft FTP Service
User (WSE2008H1:(none)): FTPUser1
331 Password required for FTPUser1.
Password:
530-User cannot log in, home directory inaccessible.
Win32 error: Access is denied.
Error details: Authorization rules denied the access.
530 End
Login failed.
ftp>
Let me know, Hades666
ee1.jpg
ee2.jpg
ee3.jpg
ee4.jpg
ee5.jpg
ee6.jpg
ee7.jpg
ee8.jpg
ee9.jpg
ee10.jpg
ee11.jpg
ee12.jpg
ee13.jpg
FYI.
This is the Folder Structure when i did the test. As you can see, the root directory is isolated by user as they only see the txt for their root.
LocalUser
LocalUser\FTPUser1
ftpuser1_root.txt
LocalUser\FTPUser2
ftpuser2_root.txt
Hope it helps,
Hades666
This is the Folder Structure when i did the test. As you can see, the root directory is isolated by user as they only see the txt for their root.
LocalUser
LocalUser\FTPUser1
ftpuser1_root.txt
LocalUser\FTPUser2
ftpuser2_root.txt
Hope it helps,
Hades666
ASKER
Thanks for the detailed instructions Hades. It looks like what I have done, but I will go through this step by step to see if I missed anything. I've got to run but will post results in a few hours. Thanks so much!
ASKER
I've gone over these steps time and again, and still fail log in with any account under Isolate Users. Here is something interesting that could be the problem....
When I set the Isolation option to
Do not isolate Users. Start user in: User name directory
Then FTP in as JustinSirota, it DOES put me in the JustinSirota folder, but not the one in LocalUser - It goes here:
C:\inetpub\MusicSearchApp_ TEST\Local User\Justi nSirota
When I delete that folder, it just logs me into the root directory.
So it seems like the user isolation is looking for the user folder in the ftp root (C:\inetpub\MusicSearchApp _TEST\), instead of the LocalUser folder. Do I need to define this folder in IIS somewhere or something?
When I set the Isolation option to
Do not isolate Users. Start user in: User name directory
Then FTP in as JustinSirota, it DOES put me in the JustinSirota folder, but not the one in LocalUser - It goes here:
C:\inetpub\MusicSearchApp_
When I delete that folder, it just logs me into the root directory.
So it seems like the user isolation is looking for the user folder in the ftp root (C:\inetpub\MusicSearchApp
ASKER
Correction to the path I listed above:
Then FTP in as JustinSirota, it DOES put me in the JustinSirota folder, but not the one in LocalUser - It goes here:
C:\inetpub\MusicSearchApp_ TEST\Justi nSirota
Then FTP in as JustinSirota, it DOES put me in the JustinSirota folder, but not the one in LocalUser - It goes here:
C:\inetpub\MusicSearchApp_
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've gone over these steps for a week. It's clearly something outside of the standard IIS setup. Does Experts-Exchange offer any consulting services - I think I need a server admin to look at this...
Could any of these things be part of the problem:
- My Windows Server runs in a Mac network environment. I make my FTP connection with port :2121 after the IP. Then it is routed to my machine. I'm able to FTP fine with No Isolation, so I'm guessing this is fine.
- User configuration. Do I need to set anything up in the Windows user settings tabs? I tried entering the root path in the Home Directory field, but that didn't seem to do anything
- Application Pool. Do I need to grant permissions to the app pool anywhere?
Could any of these things be part of the problem:
- My Windows Server runs in a Mac network environment. I make my FTP connection with port :2121 after the IP. Then it is routed to my machine. I'm able to FTP fine with No Isolation, so I'm guessing this is fine.
- User configuration. Do I need to set anything up in the Windows user settings tabs? I tried entering the root path in the Home Directory field, but that didn't seem to do anything
- Application Pool. Do I need to grant permissions to the app pool anywhere?
Read my profile, send me an email and we can fix it over msn in realtime. - Hades666
ASKER
I ended up going with Filezilla Server, so I wouldn't have to create Windows users every time.
This post might help someone who is having trouble though.
Thanks much to Hades
This post might help someone who is having trouble though.
Thanks much to Hades
Best Regards,
Levente Rog