We help IT Professionals succeed at work.

FTP user isolation in Server 2008

Hi All,

I'm a newb with Server 2008. I tried using this document to set up FTP user isolation on my new web server - I'm used to 2003 but the process has definitely changed. I followed all the instructions in this document:

http://learn.iis.net/page.aspx/305/configuring-ftp-user-isolation-in-iis-7/

But this does not actually configure it the way I need it. This is a lesson to teach us the options. So I added my own server's IP address instead of the 127.0.0.0 recommended in the article, but I still cannot get anything to authorize. From CMD on my local box, I try ftp nocowebs.com (my current active test domain) and it connects, but then when i type in the user name, it disconnects. 'Connection closed by remote host'

Are there any gotchas I'm missing in this process for Server 2008? Or is there a more intuitive set of instructions to follow to get this live? I have inetpub and ftproot duplicated on my D drive and those are the instances I'm pointing to - could this be part of the problem? On my old server, I somehow had this working so that I could add a new directory to my list of websites, create a user that matched the new directory name, and boom - you could FTP right away with that user and only get access to that one folder.

But in 2008, it appears to be a trickier operation.

Any advice?

Thank you

Bill
Comment
Watch Question

David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:
check your authentication and authorization rules.
David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:
also check the ntfs file permissions
Bill HendersonWeb Marketing

Author

Commented:
Hi - anything in partcular I am checking for?
Simple Geek from the '70s
Distinguished Expert 2019
Commented:
ntfs file permissions, users have permissions for read/write
usernames must have a directory

you may have to add a firewall rule to allow FTP and also in your router port forward
David Johnson, CDSimple Geek from the '70s
Distinguished Expert 2019

Commented:
you should have it set to your private ip
Bill HendersonWeb Marketing

Author

Commented:
OK thanks - will be trying some things a bit later this evening. I'll keep you posted.
Bill HendersonWeb Marketing

Author

Commented:
Thanks for the help!