FTP Server and Server 2008 R2 Problems

I am at my wits end with the new features and setup of FTP with Server 2008 R2. I simply cannot get

it to function properly.

What I want to accomplish (and what I have acimplished in 2003 R2) is:

Domain users log on to FTP using their AD credentials and are isolated to their virtual directory.

Virtual directories do match the names of the AD accounts.

The steps that I have taken are as follows

1. Add FTP Site
2. Name FTP Site
3. Physical Path (pointed to previously create "FTP" directory on root of C:\)
4. Binding, IP address set to local server IP, port 21
5. No SSL
6. Authentication set to Basic
7. Authorization, allow access to "specified roles or user groups"
8. Typed in "Domain Users"
9. Permissions set to Read/Write
10. Finish

This is all basic FTP setup minus the new Authorization in step 7. When clicking on the FTP Site, FTP

Authntication is set to Basic (with domain name added). FTP Authorzation Rules set to "Specified

roles or user groups" (Domain Users).

To go a little deeper this is what my FTP directory structure looks like

            domainname (LocalUser on 2003)\
The directories above have appropriate NTFS permissions added. From my local machine I can browse and

see the shares, I get prompted for credentials in IE when going to ftp://servername but cannot login

(not even with domain admin)

I am going to continue to play with this but this is utterly ridiculous at this point. I don't

understand why MS has to make this more difficult than it has to be and has been in 2003 R2?
Who is Participating?
dswope79Connect With a Mentor Author Commented:
I got it figured out
Did you open the necessary ports in the Firewall?

You can run these commands and try again

netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in localport=21
netsh advfirewall set global StatefulFtp enable

dswope79Author Commented:
Yes, I opened them using the exact same commands you have there.
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

dswope79Author Commented:
When using FileZila I keep getting the following error

atus:      Resolving address of server@domain.local
Status:      Connecting to x.x.x.x:21...
Status:      Connection established, waiting for welcome message...
Response:      220-Microsoft FTP Service
Response:      220 Company Name
Command:      USER user@domain.local
Response:      331 Password required for user@domain.local.
Command:      PASS *********
Response:      530 User cannot log in, home directory inaccessible.
Error:      Critical error
Error:      Could not connect to server
Status:      Delaying connection for 5 seconds due to previously failed connection attempt...

The above was an internal attempt at connecting.
dswope79Author Commented:
Some omre steps I have taken with no success

Added firewall exceptions

netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in localport=21
netsh advfirewall set global StatefulFtp enable

Added program exception per


Followed this for isolation process


Which is where I followed the directions and created the "domain name" folder under the FTP root instead of "LocalUser" as done in 2003 R2

"Windows domain accounts
(requires basic authentication)


dswope79Author Commented:
This works as long as I remove isolation and select "user name directory" under "Do not isolate users. Start in". Some small piece is missing here
dswope79Author Commented:
I got this on my own
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.