Solved

Setup FTP user windows server 2008

Posted on 2015-02-21
3
403 Views
Last Modified: 2015-03-19
Hello ,

I have setup  my FTP on my windows server 2008.

I have created a user account to access this FTP, let's call it FTP_USER. Everything is working good.

How can I restrict this account FTP_USER to only be able to access the FTP and nothing else. I don't want this account to login to my server or anything else.

Thanks
0
Comment
Question by:arnololo123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40624598
I never use Microsoft FTP (personal choice), but I use the Free FTP Server "Filezilla server". With this solution, you can use accounts created on filezilla server and not on windows.

Maybe somebody have a solution to disable logon with windows account without to disable ftp access... but i don't know how to do that... (maybe with local security - GPEDIT.msc).
0
 

Author Comment

by:arnololo123
ID: 40673078
Thanks but this does not resolve my problem
0
 
LVL 28

Accepted Solution

by:
Bill Bach earned 500 total points
ID: 40676810
I would echo Benjamin's comments.  The Microsoft FTP server does have some issues, and I also use Filezilla to avoid these security issues, as well as provide for download and upload "speed limits" to prevent random people from impacting my Internet uplink performance.  You can see this if you do a web search for "free ftp server comparison" -- even though Microsoft's ftp service is free, it is RARELT (or NEVER) mentioned in any of these comparisons or reviews.

If your ONLY option was the Windows FTP service, then you should know that the Microsoft security is handled by exclusion, not inclusion.  In other words, rights are subtractive, not additive.  First, make sure that the user is NOT a member of any groups -- it should be a stand-alone account.  Then, you want to explicitly define NO rights for this user to the root of each volume.  Then, explicitly assign rights to the FTP folder(s) as needed.  By default, the user should not have the Log On Locally right, but you may wish to check this (in gpmc.msc) and exclude this right, too.  This will help prevent the login from being able to sign onto the server console itself, too.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
Sometimes clients can lose connectivity with the Lotus Notes Domino Server, but there's not always an obvious answer as to why it happens.   Read this article to follow one of the first experiences I had with Lotus Notes on a client's machine, my…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question