FTP user isolation

I've setup a new FTP site using User Isolation on a Win2K8 R2 server.  Domain users have no access issues, but local users cannot log in.  Need some guidance.

I've followed this article exactly.  http://mistech.com/how-to-configure-ftp-user-isolation-in-iis-7-5-on-windows-2008-server-r2/

Logs show the following for a local user log in:
2014-07-25 16:30:25 10.1.3.8 - <serverip>ControlChannelOpened - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:25 10.1.3.8 - <serverip> USER <name> 331 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> PASS *** 530 1326 41 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 9ad7db6d-812f-4e1c-8d99-4ceb5a581e98 -
2014-07-25 16:30:27 10.1.3.8 - <serverip> ControlChannelOpened - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:28 10.1.3.8 - <serverip> USER <name> 331 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:29 10.1.3.8 - <serverip> PASS *** 530 1326 41 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
2014-07-25 16:30:30 10.1.3.8 - <serverip> ControlChannelClosed - - 0 0 96ae42ad-33fc-4edf-9bde-fb6a6cdf0608 -
Christina TaylorIT AdministratorAsked:
Who is Participating?
 
MaheshConnect With a Mentor ArchitectCommented:
I hope FTP is setup for basic authentication
In IIS navigate to basic authentication of FTP site and right click \ edit and put your AD domain name there (For Ex: contoso.com)
Then you don't need to put domain\user , just put username and pasword
0
 
Christina TaylorIT AdministratorAuthor Commented:
It appears that I must specify the servername\username and authentication is successful that way.
Is there a way to modify the setup so users only need to provide the username?
0
 
rastoiWindows DTS expertCommented:
I think you do not have possible solution here.
In FTP site setup  you can specify "default domain" what can be either your domain on local computer. Users from not default needs to identify self with full domain\user (computer\user). There is not an option to let IIS browse trough multiple domain for user name/password combination. It is the same with the windows logon (authentication) in general.
0
 
Christina TaylorIT AdministratorAuthor Commented:
Yes, basic authentication is enabled with AD name entered.
0
 
rastoiWindows DTS expertCommented:
Just like was stated already, you have to choose whether "domain" or "local" users will be provided with bonus of using short names. There is no optipn to have both.
0
All Courses

From novice to tech pro — start learning today.