[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1990
  • Last Modified:

Windows 2008 Server Cannot FTP File System Denied the Access

Hello, I'm running a Windows 2008 server for website hosting.  I set up the FTP service so my clients can update their file.  All was working well until a few days ago, clients can no longer log in.  The log reports say: File System Denied the Access.  Mind you, this was working and suddenly stopped.  I've already tried these troubleshooting techniques:

Checking the password expiration on the users.  Each are set to never expire.
Made sure proper ports are opened in the firewall.

TIA

Jay
0
jayligda
Asked:
jayligda
  • 6
  • 2
2 Solutions
 
David Johnson, CD, MVPOwnerCommented:
check the ntfs file permissions
0
 
jayligdaAuthor Commented:
Yes, NTFS file permissions are set correctly.  Remember this was working great up to a point and then suddenly stopped.  Thanks!
0
 
AlexPaceCommented:
Did you check the permissions of the user account that the server SERVICE is running under?  Perhaps it is a member of a group that no longer has access to the ftp root.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
jayligdaAuthor Commented:
I added the user SERVICE to the FTP group.  Still no luck.

In addition the users can authenticate when accessing a directory on the website with the "everyone" user removed so the issue is not related to the user/ password expiration.  It must be FTP related somehow.

To make matters even more weird there is one user that CAN FTP in.  I see no difference with this user's setting and the others.

Jay
0
 
jayligdaAuthor Commented:
I take that back.  The difference with the user that CAN login via FTP vs the ones that cannot is the one that CAN login is not associated with a specific directory.  It is a general user that has access to the FTP root.  There is no user isolation with this user.  I thought the issue may have something to do with the user isolation settings, but when I tried each option I was still not able to access with one of the users that cannot.  Currently the user isolation settings are set to "Do not isolate users.  Start users in Username directory."  Like I said I tried all the other settings to no avail.
0
 
jayligdaAuthor Commented:
Embarrassed, it turned out to be a permissions issue.  While the individual users had permissions set for their folders, they did not have permission to the FTP root.  They way I had it set up is that the FTP group had read/list permissions to the group.  Everything was working fine until a bug in a batch program accidentally removed the group permissions from the root.
0
 
jayligdaAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for jayligda's comment #a38433640

for the following reason:

I selected my own comment as the solution because it is the solution.  It was not really an issue that others could help me with.  I had to hack through and figure it out on my own following clues along the way.  The main clue was the one user that was still able to FTP in.  I searched for what was different with that user.  Well it was my general user that had permissions to the root separate from the group.
0
 
David Johnson, CD, MVPOwnerCommented:
I did tell you to check the file permissions, but you insisted that they were correct.
0
 
jayligdaAuthor Commented:
I added my comment as a part of the solution because it includes some details that may help that may help someone in the same situation.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 6
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now