Solved

FTP server setup - cannot log in

Posted on 2006-11-13
10
215 Views
Last Modified: 2010-04-13

Running Windows 2003 server standard fully patched.
I have created an FTP site but I cannot connect to it.
 
I have successfully installed FTP services.  When I click on Internet Information Services I can see *ftp-server
I created an FTP site called FTP1
I right click on this and click properties
 - Description is FTP1
 - IP address is 192.168.1.49
 - TCP port is 21
 
Connection:
  limited to 3
  Connection timeout = 900
 
Enable Logging is checked
 
Security accounts
  Allow Anonymous Connections is unchecked
 - I added an account called FTP1 to the Active directory.  I added this to FTP SITE OPERATORS
 - Home directory is c:\ftp\ftp1
 
Question:
1.)  I start a dos session on a Windows 2000 Pro pc connected to the same network as the ftp server.
  I type:  
  ftp
  open 192.168.1.49
and I get the proper response (enter user name)
I enter the user name (FTP1) and the appropriate password and the ftp server will not log me in
 
How do I troubleshoot this?

0
Comment
Question by:donpick
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
10 Comments
 
LVL 30

Expert Comment

by:irwinpks
ID: 17932677
add the DOMAIN USER group for authentication
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17934480
That will more than likely work unless it is a server that is a DC as domain users will not have rights to login locally which is the user right needed for ftp IMHO.

Open the local security policy from the admin tools and drill down under local policy and user rights assignment.
click into Log on locally and make sure this user is specified there either directly or through a group that is in there.

If this is a domain controller then adjust the domain controller security policy in the same way instead.
If this is a domain member server then this may be set through group policy.  The above right when set should show in the effective column once the local security policy program has been restarted.

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17934490
Here's an article I've googled for that explains.

hth

Steve
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 43

Accepted Solution

by:
Steve Knight earned 500 total points
ID: 17934493
0
 

Author Comment

by:donpick
ID: 17950825
Thank you for your link.  It answered some questions.

I guess I am confused on one thing:

The ftp server is named ftp-server.
 It is a domain member, not a domain controller.
The ftp user name is mtnftp.

On the domain controller, in Active Directory (AD) I added user mtnftp.

On the ftp server, I went to Security Settings > User Rights Assignment > Log on Locally and clicked Add
I added mtnftp there.

I opened port 21 on the firewall and pointed it to frp-server.

I followed the instructions in  http://www.iisfaq.com/default.aspx?View=A294&P=14  and configured the IIS FTP service.

When I try to connect to the ftp server (ftp://mtnftp:password@192.168.1.49)
  I get a dialog box asking for a password.  When I type in the correct password, I still cannot log in.

Must I also change the Security settings on the domain controller also?  Or is there something else I need to fix / change?

How can I troubleshoot this to find the blocking point?
0
 

Author Comment

by:donpick
ID: 17950870
With regard to my question at 01:37:

There are multiple ftp sites defined on ftp-server.  When using the login:
(ftp://mtnftp:password@192.168.1.49)

how do I specify to which ftp site to login?  
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17950871
If it is an AD account try domain\username as the username or create the account locally on the machine.  

Might be other issues here too but try that for starters.

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17950904
As to your next question there can be only one per combination of ip address and port.  It is unusual to run ftp sites on different ports perhaps there are multiple ips ?
0
 

Author Comment

by:donpick
ID: 17951350
Thanks VERY MUCH for your help.  The link was very useful.
The answer was to create a local user on the member ftp server and set local log in for it.
Then I used the method described in the link to access the ftp server.

It now works very well.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17951368
No problem... and thankyou to as you've just taken me over a nice round 1,000,000 points

Steve
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question