Win2k3 IIS FTP Non-AD User isolation setup - error: 530 User Test\test1 cannot log in, home directory inaccessible

Posted on 2006-05-14
Last Modified: 2008-01-09
Win2K3 SP1 - I have been beating this issue into the ground. I have carefully followed the instructions found here and on Microsoft's site for creating Non-AD ftp user isolation sites. I've got a user test1 on domain Test. I have a folder named D:\FTPTest with a subfolder named LocalUser and beneath that a folder called test1. The user test1 has read - read and execute and list access to D:\FTPTest - same access to D:\FTPTest\LocalUser through inheritance and then the same rights plus write for D:\FTPTest\LocalUser\test1.

I have gone into the both the domain controller security policy and the local machine security policy under User Rights Assignment and added user test1 to Allow Logon Locally.

I keep getting this error: 530 User Test\test1 cannot log in, home directory inaccessible.

I've experimented with checking allow anonymous and tried other setting tweaks. Is there a new service pack related fix I need to know about. It seems like I've followed these instructions to the letter although I'm not positive about the logon locally part because the only thing I found close to that is "Allow Logon Locally" whereas in the instructions its "Logon Locally"

Question by:dsteinschneider
    LVL 1

    Author Comment

    I searched keywords FTP and Isolated User here and saw the suggestion to use sysinternals filemon. Once I had that running I saw the the ftp client was attempting to open the folder FTPTest/Test/test1 . It wasn't looking for LocalUser but instead a folder with the domain name which in this case is "Test" - is this because the machine belongs to a domain and that *all* examples I found were referring to non domain IIS servers?  

    I hope this pair of posts sticks around - it would have saved me lots of time. - Please PAK this question.

    Accepted Solution

    Because you have presented a solution to your own problem which may be helpful to future searches, this question is now PAQed and your points have been refunded.


    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
    If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now