Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 400
  • Last Modified:

FTP user isolation

I've setup a new FTP site using User Isolation on a Win2K8 R2 server.  Domain users have no access issues, but local users cannot log in.  Need some guidance.

I've followed this article exactly.  http://mistech.com/how-to-configure-ftp-user-isolation-in-iis-7-5-on-windows-2008-server-r2/

Logs show the following for a local user log in:
2014-07-25 16:30:25 10.1.3.8 - <serverip>ControlChannelOpened - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:25 10.1.3.8 - <serverip> USER <name> 331 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> PASS *** 530 1326 41 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelOpened - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:28 10.1.3.8 - <serverip> USER <name> 331 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:29 10.1.3.8 - <serverip> PASS *** 530 1326 41 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:30 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
0
Christina Taylor
Asked:
Christina Taylor
  • 2
  • 2
1 Solution
 
Christina TaylorIT AdministratorAuthor Commented:
It appears that I must specify the servername\username and authentication is successful that way.
Is there a way to modify the setup so users only need to provide the username?
0
 
MaheshArchitectCommented:
I hope FTP is setup for basic authentication
In IIS navigate to basic authentication of FTP site and right click \ edit and put your AD domain name there (For Ex: contoso.com)
Then you don't need to put domain\user , just put username and pasword
0
 
rastoiCommented:
I think you do not have possible solution here.
In FTP site setup  you can specify "default domain" what can be either your domain on local computer. Users from not default needs to identify self with full domain\user (computer\user). There is not an option to let IIS browse trough multiple domain for user name/password combination. It is the same with the windows logon (authentication) in general.
0
 
Christina TaylorIT AdministratorAuthor Commented:
Yes, basic authentication is enabled with AD name entered.
0
 
rastoiCommented:
Just like was stated already, you have to choose whether "domain" or "local" users will be provided with bonus of using short names. There is no optipn to have both.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now