Solved

FTP user isolation

Posted on 2014-07-25
5
348 Views
Last Modified: 2014-08-22
I've setup a new FTP site using User Isolation on a Win2K8 R2 server.  Domain users have no access issues, but local users cannot log in.  Need some guidance.

I've followed this article exactly.  http://mistech.com/how-to-configure-ftp-user-isolation-in-iis-7-5-on-windows-2008-server-r2/

Logs show the following for a local user log in:
2014-07-25 16:30:25 10.1.3.8 - <serverip>ControlChannelOpened - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:25 10.1.3.8 - <serverip> USER <name> 331 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> PASS *** 530 1326 41 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelOpened - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:28 10.1.3.8 - <serverip> USER <name> 331 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:29 10.1.3.8 - <serverip> PASS *** 530 1326 41 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:30 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
0
Comment
Question by:Christina Taylor
  • 2
  • 2
5 Comments
 

Author Comment

by:Christina Taylor
ID: 40219981
It appears that I must specify the servername\username and authentication is successful that way.
Is there a way to modify the setup so users only need to provide the username?
0
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40220259
I hope FTP is setup for basic authentication
In IIS navigate to basic authentication of FTP site and right click \ edit and put your AD domain name there (For Ex: contoso.com)
Then you don't need to put domain\user , just put username and pasword
0
 
LVL 4

Expert Comment

by:rastoi
ID: 40220324
I think you do not have possible solution here.
In FTP site setup  you can specify "default domain" what can be either your domain on local computer. Users from not default needs to identify self with full domain\user (computer\user). There is not an option to let IIS browse trough multiple domain for user name/password combination. It is the same with the windows logon (authentication) in general.
0
 

Author Comment

by:Christina Taylor
ID: 40230131
Yes, basic authentication is enabled with AD name entered.
0
 
LVL 4

Expert Comment

by:rastoi
ID: 40230464
Just like was stated already, you have to choose whether "domain" or "local" users will be provided with bonus of using short names. There is no optipn to have both.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question