IIS 6 FTP server won't accept AD domain account logins

I've got a problem setting up an FTP server on IIS6. I have a dedicated webserver which is part of a domain (it's being run as an application server only). My web site is set up and working fine. However, I cannot get the FTP server set up so that only certain domain users can login.

What happens is that no matter how I have it set up, it asks for a user name and password, and will not accept the admin accounts I enter. It will not accept any domain accounts. It will accept anonymous logins if I check that option in the FTP properties, but still will not accept domain account logins. I've tried all the admin accounts, and I've made sure that the folder permissions indicate that these users have full control.

I've quadruple checked the permissions, and I do *not* have the "accept only anonymous logins" function checked for this.

I have another web server with this same setup, and it works fine. I've tried to make the settings identical, but still no-go. I'm obviously missing something. Something that's probably obvious. :)

Any help with this is appreciated; I'd like to take the server live soon, and without FTP access to the website, I can't do it yet.
purplegenie93Asked:
Who is Participating?
 
LazarusCommented:
No they shouldn't... You have to be DCPROMO it to be able to have that access to the AD. Other wise it's just a server and does not know AD.
0
 
LazarusCommented:
I'm not exactly sure you you have things setup from your question but you might try this MS article: http://support.microsoft.com/Default.aspx?id=184319
Also an excellent source for IIS FTP isScott Forsyth's WebLog : http://weblogs.asp.net/owscott/archive/2004/03/10/87262.aspx

Between those two you should be able to get your FTP working.
0
 
LazarusCommented:
Hmm.. sorry but please refer to PART 1 of the Forsyth article.. http://weblogs.asp.net/owscott/archive/2004/02/05/68423.aspx The above link was part 2 of it.
0
 
purplegenie93Author Commented:
It seems that the issue had to do with the FTP server being on an application server and not one of the DCs. I found that I needed to either create a local account for an FTP login (this worked fine) or had to prefix my username with the domain name (even though it's an admin account, and the FTP server is on the domain).

I opted to us the local account log-in only, for security reasons.

My question is now, why are the Built-in security accounts in the AD not available on my web/ftp server in assigning permissions -- even though it's not a DC, shouldn't I still be able to assign those groups, just as I would on a workstation?
0
 
purplegenie93Author Commented:
This solves the mystery, thanks! (I'm just learning Windows Server 2003, and have big holes in my knowledge; I appreciate the help!)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.