Solved

How to create  isolated FTP shares for users in SBS 2011 II7

Posted on 2014-01-28
7
658 Views
Last Modified: 2014-02-03
I am migrating from SBS2003 to SBS2011 and trying to work out how to provide the same FTP service. I currently have a few FTP users that authenticate with AD and then have access to a folder in which they can read and write but cannot traverse up the folder structure. In SBS2003 I create a user in AD and a folder with their login name and then create a FTP virtual directory which points to the physical folder. This works fine - the user connects using FTP and is completely isolated.
Microsoft have moved everything about in SBS 2011 and I can't work out how to configure the same thing.
0
Comment
Question by:ClintonK
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 74

Assisted Solution

by:Jeffrey Kane - TechSoEasy
Jeffrey Kane - TechSoEasy earned 250 total points
ID: 39816866
It's really not a good idea to deploy an FTP server on an SBS since it's your domain controller and any password that is used to access FTP will go over the Internet in plain text.  This means that those usernames and passwords could be compromised -- definitely a security risk.

SBS already offers a great way to provide remote access to files on your network through Remote Web Access.

After you've enabled RWA on your server you just use the SBS Console to create the shared folder assigning only that user to have access.

Then, on the User properties > Remote Access, enable the user to access RWA:

RWA
And on the web sites section, check to enable Remote Web Access:

RWA
That's all there is to it.

Jeff
TechSoEasy
0
 

Author Comment

by:ClintonK
ID: 39817157
Thanks, but if I have a share that I want to be accessed by a remote FTP backup program it has to have an FTP address, username and password so RWA wouldn't be suitable for that. If I did choose to configure FTP access, how would I do it? I will also consider setting up a dedicated FTP server but for now I'm intrigued to know how I would configure it on SBS 2011.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 39817196
Weird that you would have a remote backup program that needs INBOUND access to your SBS, but in any event, follow the steps outlined here to create your FTP site:

http://learn.iis.net/page.aspx/301/creating-a-new-ftp-site/

Jeff
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 

Author Comment

by:ClintonK
ID: 39817343
It's from a friend's server so that he can do offsite backups. He backs up to me and I backup to him. Just a few key files.

Cheers
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 250 total points
ID: 39817450
Actually the best solution is Filezilla FTP server...free and not integrated with Active Directory.
0
 

Author Comment

by:ClintonK
ID: 39817452
Ah, ok - that's an option I hadn't thought of. I'll try that.
0
 

Author Closing Comment

by:ClintonK
ID: 39831137
Thanks for the advice. I appreciate Jeffrey Kane's concerns about setting up an FTP service authenticated by AD and acknowledge his advice on how to do it. Chris Hanna's suggestion is something I will adopt as it does appear to give me the solution I want without so much risk so thanks to you both.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question