New to 2008 FTP (Domain user can access FTP / Local server acount cannot).

Question

User-616853041 posted

I have setup a new IIS server on a Windows 2008 R2 server. It was setup originally for domain accounts.. I have steup a local group for FTP users on the FTP server and added the domain users to this local group.

       FTP setup - authentication / authorization

      For FTP Authentication = (Basic Authentication (domain)) & (Anonymous Authentication)  ;

      For FTP Authorization (Allow Specified roles) local FTP group  ; Added a second one  (Allow Specified roles) added a local user. The local server user cannot access the FTP site - domain users have no issues.

      All was working great until someone wanted a local user added to access the FTP server. The local user does not have access = error 530..

       I noticed that if I add the server name infront of the local server user name that it works.

        servername\ftpuser 

       Any help would be great,

         Thanks,

Answer 1

User1073881637 posted

1) remove the AD domain from the FTP settings, this will allow local users to work

2) Have AD users authenticate like local users with their domain account.  You need to set the msIIS-FTPDir and msIIS-FTPRoot attributes on the user object.  You can use adsiedit.msc or a script I did.  You'll need the appropriate perms in AD. http://weblogs.asp.net/steveschofield/archive/2009/01/02/powershell-1-0-script-to-update-active-directory-ftp-user-isolation-attributes-msiis-ftpdir-msiis-ftproot.aspx

I tested this locally and appeared to meet your requirements.   One thing to keep in mind when removing the domain name,, you'll need to restart the ftpsvc so the settings are refreshed.  Hope this helps.

Answer 2

User521890537 posted

Does local user have permission on ftp home folder?

Answer 3

User-616853041 posted

Hello,

    Thanks for the response.. The user account has permission access to the folder. Still no access..