IIS 6 FTP server won't accept AD domain account logins

Posted on 2005-04-23
Last Modified: 2010-05-18
I've got a problem setting up an FTP server on IIS6. I have a dedicated webserver which is part of a domain (it's being run as an application server only). My web site is set up and working fine. However, I cannot get the FTP server set up so that only certain domain users can login.

What happens is that no matter how I have it set up, it asks for a user name and password, and will not accept the admin accounts I enter. It will not accept any domain accounts. It will accept anonymous logins if I check that option in the FTP properties, but still will not accept domain account logins. I've tried all the admin accounts, and I've made sure that the folder permissions indicate that these users have full control.

I've quadruple checked the permissions, and I do *not* have the "accept only anonymous logins" function checked for this.

I have another web server with this same setup, and it works fine. I've tried to make the settings identical, but still no-go. I'm obviously missing something. Something that's probably obvious. :)

Any help with this is appreciated; I'd like to take the server live soon, and without FTP access to the website, I can't do it yet.
Question by:purplegenie93
    LVL 20

    Expert Comment

    I'm not exactly sure you you have things setup from your question but you might try this MS article:
    Also an excellent source for IIS FTP isScott Forsyth's WebLog :

    Between those two you should be able to get your FTP working.
    LVL 20

    Expert Comment

    Hmm.. sorry but please refer to PART 1 of the Forsyth article.. The above link was part 2 of it.

    Author Comment

    It seems that the issue had to do with the FTP server being on an application server and not one of the DCs. I found that I needed to either create a local account for an FTP login (this worked fine) or had to prefix my username with the domain name (even though it's an admin account, and the FTP server is on the domain).

    I opted to us the local account log-in only, for security reasons.

    My question is now, why are the Built-in security accounts in the AD not available on my web/ftp server in assigning permissions -- even though it's not a DC, shouldn't I still be able to assign those groups, just as I would on a workstation?
    LVL 20

    Accepted Solution

    No they shouldn't... You have to be DCPROMO it to be able to have that access to the AD. Other wise it's just a server and does not know AD.

    Author Comment

    This solves the mystery, thanks! (I'm just learning Windows Server 2003, and have big holes in my knowledge; I appreciate the help!)

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Suggested Solutions

    Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
    On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now