Solved

FTP user isolation

Posted on 2014-07-25
5
336 Views
Last Modified: 2014-08-22
I've setup a new FTP site using User Isolation on a Win2K8 R2 server.  Domain users have no access issues, but local users cannot log in.  Need some guidance.

I've followed this article exactly.  http://mistech.com/how-to-configure-ftp-user-isolation-in-iis-7-5-on-windows-2008-server-r2/

Logs show the following for a local user log in:
2014-07-25 16:30:25 10.1.3.8 - <serverip>ControlChannelOpened - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:25 10.1.3.8 - <serverip> USER <name> 331 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> PASS *** 530 1326 41 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelOpened - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:28 10.1.3.8 - <serverip> USER <name> 331 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:29 10.1.3.8 - <serverip> PASS *** 530 1326 41 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:30 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
0
Comment
Question by:Christina Taylor
  • 2
  • 2
5 Comments
 

Author Comment

by:Christina Taylor
ID: 40219981
It appears that I must specify the servername\username and authentication is successful that way.
Is there a way to modify the setup so users only need to provide the username?
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40220259
I hope FTP is setup for basic authentication
In IIS navigate to basic authentication of FTP site and right click \ edit and put your AD domain name there (For Ex: contoso.com)
Then you don't need to put domain\user , just put username and pasword
0
 
LVL 4

Expert Comment

by:rastoi
ID: 40220324
I think you do not have possible solution here.
In FTP site setup  you can specify "default domain" what can be either your domain on local computer. Users from not default needs to identify self with full domain\user (computer\user). There is not an option to let IIS browse trough multiple domain for user name/password combination. It is the same with the windows logon (authentication) in general.
0
 

Author Comment

by:Christina Taylor
ID: 40230131
Yes, basic authentication is enabled with AD name entered.
0
 
LVL 4

Expert Comment

by:rastoi
ID: 40230464
Just like was stated already, you have to choose whether "domain" or "local" users will be provided with bonus of using short names. There is no optipn to have both.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now