[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 681
  • Last Modified:

How to create isolated FTP shares for users in SBS 2011 II7

I am migrating from SBS2003 to SBS2011 and trying to work out how to provide the same FTP service. I currently have a few FTP users that authenticate with AD and then have access to a folder in which they can read and write but cannot traverse up the folder structure. In SBS2003 I create a user in AD and a folder with their login name and then create a FTP virtual directory which points to the physical folder. This works fine - the user connects using FTP and is completely isolated.
Microsoft have moved everything about in SBS 2011 and I can't work out how to configure the same thing.
0
ClintonK
Asked:
ClintonK
  • 4
  • 2
2 Solutions
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
It's really not a good idea to deploy an FTP server on an SBS since it's your domain controller and any password that is used to access FTP will go over the Internet in plain text.  This means that those usernames and passwords could be compromised -- definitely a security risk.

SBS already offers a great way to provide remote access to files on your network through Remote Web Access.

After you've enabled RWA on your server you just use the SBS Console to create the shared folder assigning only that user to have access.

Then, on the User properties > Remote Access, enable the user to access RWA:

RWA
And on the web sites section, check to enable Remote Web Access:

RWA
That's all there is to it.

Jeff
TechSoEasy
0
 
ClintonKAuthor Commented:
Thanks, but if I have a share that I want to be accessed by a remote FTP backup program it has to have an FTP address, username and password so RWA wouldn't be suitable for that. If I did choose to configure FTP access, how would I do it? I will also consider setting up a dedicated FTP server but for now I'm intrigued to know how I would configure it on SBS 2011.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Weird that you would have a remote backup program that needs INBOUND access to your SBS, but in any event, follow the steps outlined here to create your FTP site:

http://learn.iis.net/page.aspx/301/creating-a-new-ftp-site/

Jeff
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ClintonKAuthor Commented:
It's from a friend's server so that he can do offsite backups. He backs up to me and I backup to him. Just a few key files.

Cheers
0
 
Cris HannaCommented:
Actually the best solution is Filezilla FTP server...free and not integrated with Active Directory.
0
 
ClintonKAuthor Commented:
Ah, ok - that's an option I hadn't thought of. I'll try that.
0
 
ClintonKAuthor Commented:
Thanks for the advice. I appreciate Jeffrey Kane's concerns about setting up an FTP service authenticated by AD and acknowledge his advice on how to do it. Chris Hanna's suggestion is something I will adopt as it does appear to give me the solution I want without so much risk so thanks to you both.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now