2Cs
asked on
IIS7 FTP User Isolation
Hi all,
I have setup and FTP site using IIS7 on Windows Server 2008 R2 Web Server x64. I can connect to the FTP and get a prompt for username and password both locally and remotely.
But when I enter either local user credentials or an IIS Manager account it wont connect. I've missed something but not sure what.
I am to eventually setup user isolation but I ideally want to have some form of FTP working before I move onto that :)
Al
I have setup and FTP site using IIS7 on Windows Server 2008 R2 Web Server x64. I can connect to the FTP and get a prompt for username and password both locally and remotely.
But when I enter either local user credentials or an IIS Manager account it wont connect. I've missed something but not sure what.
I am to eventually setup user isolation but I ideally want to have some form of FTP working before I move onto that :)
Al
HI,
This URL will help you regarding this.
http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-7-manager-authentication/
This URL will help you regarding this.
http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-7-manager-authentication/
ASKER
Hi all,
I have managed to get the basic FTP service working, but the other problem I have is that I want users to have different accounts that when they login it maps to their user folder (For example, a user account domain1.co.uk logs into the FTP site and has only access to the domain1.co.uk folder in the FTP root that matches their username)
- If I set FTP User Isolation to Username then they can go up folders and browse directories I don't want them to
- If I set FTP User Isolation to Username Directory then the users are just prompted that their home directory is inaccessible
Al
I have managed to get the basic FTP service working, but the other problem I have is that I want users to have different accounts that when they login it maps to their user folder (For example, a user account domain1.co.uk logs into the FTP site and has only access to the domain1.co.uk folder in the FTP root that matches their username)
- If I set FTP User Isolation to Username then they can go up folders and browse directories I don't want them to
- If I set FTP User Isolation to Username Directory then the users are just prompted that their home directory is inaccessible
Al
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Hades666,
I will try that this week and see what happens.
Al
I will try that this week and see what happens.
Al
https://www.experts-exchange.com/questions/26268119/FTP-setup-in-IIS.html
Next, are these domain users or locally created users? This is important for the physical directory path below ;)
IIS user isolation required that the phyiscal root directories be setup like such matching the user ID.
D:\FTP Sites\LocalUser\administra
D:\FTP Sites\LocalUser\ClientA
D:\FTP Sites\LocalUser\ClientB
D:\FTP Sites\LocalUser\ClientC
D:\FTP Sites can be anything, The KEY folder here is "LocalUser".
Don't forget to restrict NTFS permissions so that only administrators or the Machine\Client(A|B|C) can read/write to the specified folders.
USER ISOLATION:
Select the option "User name directory (disable global virtual directories) " in the FTP user isolation feature.
Now for the administrator. Here is the trick - Create a virtual Directory in IIS Manager under the D:\FTP Sites\LocalUser\administra
User Account Types Physical Home Directory Syntax
Anonymous users %FtpRoot%\LocalUser\Public
Local Windows user accounts %FtpRoot%\LocalUser\%UserN
Windows domain accounts %FtpRoot%\%UserDomain%\%Us
IIS Manager or ASP.NET custom %FtpRoot%\LocalUser\%UserN
Let me know if you have any issues,
Hades666