Solved

FTP server setup - cannot log in

Posted on 2006-11-13
10
210 Views
Last Modified: 2010-04-13

Running Windows 2003 server standard fully patched.
I have created an FTP site but I cannot connect to it.
 
I have successfully installed FTP services.  When I click on Internet Information Services I can see *ftp-server
I created an FTP site called FTP1
I right click on this and click properties
 - Description is FTP1
 - IP address is 192.168.1.49
 - TCP port is 21
 
Connection:
  limited to 3
  Connection timeout = 900
 
Enable Logging is checked
 
Security accounts
  Allow Anonymous Connections is unchecked
 - I added an account called FTP1 to the Active directory.  I added this to FTP SITE OPERATORS
 - Home directory is c:\ftp\ftp1
 
Question:
1.)  I start a dos session on a Windows 2000 Pro pc connected to the same network as the ftp server.
  I type:  
  ftp
  open 192.168.1.49
and I get the proper response (enter user name)
I enter the user name (FTP1) and the appropriate password and the ftp server will not log me in
 
How do I troubleshoot this?

0
Comment
Question by:donpick
  • 6
  • 3
10 Comments
 
LVL 30

Expert Comment

by:irwinpks
ID: 17932677
add the DOMAIN USER group for authentication
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17934480
That will more than likely work unless it is a server that is a DC as domain users will not have rights to login locally which is the user right needed for ftp IMHO.

Open the local security policy from the admin tools and drill down under local policy and user rights assignment.
click into Log on locally and make sure this user is specified there either directly or through a group that is in there.

If this is a domain controller then adjust the domain controller security policy in the same way instead.
If this is a domain member server then this may be set through group policy.  The above right when set should show in the effective column once the local security policy program has been restarted.

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17934490
Here's an article I've googled for that explains.

hth

Steve
0
 
LVL 43

Accepted Solution

by:
Steve Knight earned 500 total points
ID: 17934493
0
 

Author Comment

by:donpick
ID: 17950825
Thank you for your link.  It answered some questions.

I guess I am confused on one thing:

The ftp server is named ftp-server.
 It is a domain member, not a domain controller.
The ftp user name is mtnftp.

On the domain controller, in Active Directory (AD) I added user mtnftp.

On the ftp server, I went to Security Settings > User Rights Assignment > Log on Locally and clicked Add
I added mtnftp there.

I opened port 21 on the firewall and pointed it to frp-server.

I followed the instructions in  http://www.iisfaq.com/default.aspx?View=A294&P=14  and configured the IIS FTP service.

When I try to connect to the ftp server (ftp://mtnftp:password@192.168.1.49)
  I get a dialog box asking for a password.  When I type in the correct password, I still cannot log in.

Must I also change the Security settings on the domain controller also?  Or is there something else I need to fix / change?

How can I troubleshoot this to find the blocking point?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:donpick
ID: 17950870
With regard to my question at 01:37:

There are multiple ftp sites defined on ftp-server.  When using the login:
(ftp://mtnftp:password@192.168.1.49)

how do I specify to which ftp site to login?  
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17950871
If it is an AD account try domain\username as the username or create the account locally on the machine.  

Might be other issues here too but try that for starters.

Steve
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17950904
As to your next question there can be only one per combination of ip address and port.  It is unusual to run ftp sites on different ports perhaps there are multiple ips ?
0
 

Author Comment

by:donpick
ID: 17951350
Thanks VERY MUCH for your help.  The link was very useful.
The answer was to create a local user on the member ftp server and set local log in for it.
Then I used the method described in the link to access the ftp server.

It now works very well.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17951368
No problem... and thankyou to as you've just taken me over a nice round 1,000,000 points

Steve
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now