Solved

Setup FTP user windows server 2008

Posted on 2015-02-21
3
392 Views
Last Modified: 2015-03-19
Hello ,

I have setup  my FTP on my windows server 2008.

I have created a user account to access this FTP, let's call it FTP_USER. Everything is working good.

How can I restrict this account FTP_USER to only be able to access the FTP and nothing else. I don't want this account to login to my server or anything else.

Thanks
0
Comment
Question by:arnololo123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 9

Expert Comment

by:Benjamin MOREAU
ID: 40624598
I never use Microsoft FTP (personal choice), but I use the Free FTP Server "Filezilla server". With this solution, you can use accounts created on filezilla server and not on windows.

Maybe somebody have a solution to disable logon with windows account without to disable ftp access... but i don't know how to do that... (maybe with local security - GPEDIT.msc).
0
 

Author Comment

by:arnololo123
ID: 40673078
Thanks but this does not resolve my problem
0
 
LVL 28

Accepted Solution

by:
Bill Bach earned 500 total points
ID: 40676810
I would echo Benjamin's comments.  The Microsoft FTP server does have some issues, and I also use Filezilla to avoid these security issues, as well as provide for download and upload "speed limits" to prevent random people from impacting my Internet uplink performance.  You can see this if you do a web search for "free ftp server comparison" -- even though Microsoft's ftp service is free, it is RARELT (or NEVER) mentioned in any of these comparisons or reviews.

If your ONLY option was the Windows FTP service, then you should know that the Microsoft security is handled by exclusion, not inclusion.  In other words, rights are subtractive, not additive.  First, make sure that the user is NOT a member of any groups -- it should be a stand-alone account.  Then, you want to explicitly define NO rights for this user to the root of each volume.  Then, explicitly assign rights to the FTP folder(s) as needed.  By default, the user should not have the Log On Locally right, but you may wish to check this (in gpmc.msc) and exclude this right, too.  This will help prevent the login from being able to sign onto the server console itself, too.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question