Solved

How to secure an FTP (BulletProf) server and allow access it with AD credentials

Posted on 2010-08-20
1
426 Views
Last Modified: 2013-12-09
Hi,

I am just wondering If someone could advise about the following.

We have an external FTP server (BulletProf - http://www.bpftp.com/). The current workflow has changed and the FTP access is going to growth and the server will need to be accessible by a large number of our company users.

All these users have account on AD. We would like this users to have access to the FTP server with their AD credentials.  We were wondering if someone could provide some advise on how we could perform this setup.

We were thinking on using ADAM on the same FTP server (DMZ) and synchronize only the users that need access to the FTP and then secure the FTP with a certificate (SFTP) however we are not sure how we should acomplish that or if there is a better or easier but secure way to do it.

Any help would be appreciated.

Thank you.  
0
Comment
Question by:llarava
1 Comment
 
LVL 40

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 33490942
Just after a few quick digs into the Wiki provided by them, I can tell you that the BulletProof FTP server is not going to be able to do what you want in its current version. The really big thing is that it is not capable of using SFTP through SSL. Second, it's not designed to integrate with Active Directory at all. User management is entirely limited to its own internal methods (See http://wiki.builtbp.com/index.php/Server_User_Setup ). If you want AD integration and SSL security you're not going to get it with that product. IIS6 has a fairly good FTP server included in it (which comes with all versions of Windows 2003 and even Windows XP). Instructions for setting that up are here: http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/31c2427c-c0a5-49fa-9e03-823f34fba3e8.mspx?mfr=true and detailed management info is here:
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/7744106d-dd08-4352-bdb3-c2a65c474d5d.mspx?mfr=true
IIS7 is included with Windows 7 and Windows Server 2008. Here's some info on setting that up: http://technet.microsoft.com/en-us/library/cc771012%28WS.10%29.aspx
0

Featured Post

Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question