Is your machine in domain environment? Do you happen to have local account and domain account with matching name? I analyzed authorization code and couldn't find a gap. But for the basic authentication (with windows accounts) we translate names to SIDs for
comparisons and I wonder if those SIDs resolve OK.
The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access
to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again. "
The test settings msgs mainly refers to Web or HTTP.
I did a quick test by loading the new ftp.msi to my RC0, was unable to procedure your error :)
Can you recap that -
a) this is a windows user, right?
b) you are in standalone setup
c) d:\ path is local disk (this is same as webroot, right?), what's the NTFS permissions look like.
For Windows built-in users, nothing much to set. just enable the authentication + authorization rules + user's NTFS permission setting.
while - for IIS Manager user - you need wmsvc, network service account READ access to config/temp asp.net files/ftp path, then add the user to site's 'IIS Manager Permissions', then repeat the same setting for auth + authorization, etc.
By standalone, I mean - is the machine alone :) ? or is it part of an active directory domain?
IIS FTP uses basic/anonymous/custom auth, windows auth no supported. So you are using Windows User and not IIS Manager user. And looks like you have got everything setup correctly. Using Windows user the setup work out of the box, you just need to configure
the NTFS permission. can you try
a) grant all users read access instead of just the user.
b) ensure in ftp authentication property you have enabled anonymous + basic. have you try anonymous access ? does it work?
I've got the FTP service running on Port 21 for all accounts, I'm still using Windows Accounts, as I don't know enough to use the ASP.NET accounts you were talking about.
Is it much easier per-se than using Windows Accounts?
qbernard
5016 Posts
MVP
Moderator
Re: Using FTP accounts
Oct 14, 2007 03:25 AM|LINK
Should be at the end of applicationHost.config, do a search on location path ...
<location path="XMB-Test"> or FTP
Bernard Cheah
starpg
77 Posts
Re: Using FTP accounts
Oct 14, 2007 10:40 AM|LINK
I found the apphost config file, and Those lines were exactly present in the configuration for that site.
it's so weird
JaroDunajsky
194 Posts
Microsoft
Re: Using FTP accounts
Oct 16, 2007 01:26 PM|LINK
Is your machine in domain environment? Do you happen to have local account and domain account with matching name? I analyzed authorization code and couldn't find a gap. But for the basic authentication (with windows accounts) we translate names to SIDs for comparisons and I wonder if those SIDs resolve OK.
Jaro Dunajsky
starpg
77 Posts
Re: Using FTP accounts
Oct 17, 2007 12:02 AM|LINK
I noticed that in the "Test settings" it is giving me a warning:
"Authorization: cannot verify access to folder ( D:\Folder name[I replaced name]\)
The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that <domain>\<computer_name>$ has Read access to the physical path. Then test these settings again. "
does this happen to be the issue?
starpg
77 Posts
Re: Using FTP accounts
Oct 17, 2007 12:05 AM|LINK
oh and as my own reply to this
the user for log-in has full control in the Folder's Security settings
and it is also set as the "home directory" or whatever it's called via the lusrmgr
qbernard
5016 Posts
MVP
Moderator
Re: Using FTP accounts
Oct 17, 2007 05:10 AM|LINK
The test settings msgs mainly refers to Web or HTTP.
I did a quick test by loading the new ftp.msi to my RC0, was unable to procedure your error :)
Can you recap that -
a) this is a windows user, right?
b) you are in standalone setup
c) d:\ path is local disk (this is same as webroot, right?), what's the NTFS permissions look like.
For Windows built-in users, nothing much to set. just enable the authentication + authorization rules + user's NTFS permission setting.
while - for IIS Manager user - you need wmsvc, network service account READ access to config/temp asp.net files/ftp path, then add the user to site's 'IIS Manager Permissions', then repeat the same setting for auth + authorization, etc.
Bernard Cheah
starpg
77 Posts
Re: Using FTP accounts
Oct 17, 2007 09:28 PM|LINK
D:\ is not the same Drive as webroot (inetpub) - thats on the C drive.
and what do you mean by standalone set up??
lastly
I'm only using Windows Authentication...using Windows Users...Could you tell me how the NTFS permissions works?? No one has ever explained this.
The user has permissions on the folder that the site is on...
qbernard
5016 Posts
MVP
Moderator
Re: Using FTP accounts
Oct 18, 2007 02:26 AM|LINK
By standalone, I mean - is the machine alone :) ? or is it part of an active directory domain?
IIS FTP uses basic/anonymous/custom auth, windows auth no supported. So you are using Windows User and not IIS Manager user. And looks like you have got everything setup correctly. Using Windows user the setup work out of the box, you just need to configure the NTFS permission. can you try
a) grant all users read access instead of just the user.
b) ensure in ftp authentication property you have enabled anonymous + basic. have you try anonymous access ? does it work?
c) remove the ftp site then recreate again.
Bernard Cheah
starpg
77 Posts
Re: Using FTP accounts
Oct 21, 2007 09:58 PM|LINK
I'd like to let you guys know
I've got the FTP service running on Port 21 for all accounts, I'm still using Windows Accounts, as I don't know enough to use the ASP.NET accounts you were talking about.
Is it much easier per-se than using Windows Accounts?
qbernard
5016 Posts
MVP
Moderator
Re: Using FTP accounts
Oct 22, 2007 02:25 AM|LINK
Why don't you add a new ftp site and follow the guideline on this site.
I have followed the steps and able to ftp without any issue.
Bernard Cheah