« Previous Next »

• 04-20-2008, 6:19 PM

  Gengar003 Joined on 04-20-2008, 10:09 PM Posts 6

  FTP Server Set-up Reply Contact Hello. I am having trouble setting up FTP7 in IIS 7, on Windows Server 2008. Specifically, I have no clue what the heck is going on. I've spent hours on google reading tutorials that didn't *really* relate to my problem, but purported to get an FTP account working, to no avail. The farthest I got was a 530 "user cannot log in" error. Part of my problem is that I do not wish to use FTP for web publishing. My old server, that I am attempting to migrate from, had a FileZilla FTP server set up such that: - Users were stored/handled by the FTP service - not by the windows user database or an Active Directory server. - Users could download files (but not upload) from several directories. - Users each had an (automatically created) home directory, where they could upload and download. - Users could be placed in different "groups" with different read, write, and view permissions. In additon to not being able to get any kind of FTP access working, I had trouble finding tutorials for, or finding out if it is possible to, duplicate the above functionality. My questions, then, are 1. Is it possible to have a setup similar to the one I describe above with IIS7's FTP7? 2. Where can I find instructions for doing so? 3. If it is not possible, how do I set up FTP7 in IIS7, so that I can choose a username and password, and allow that user access to a chosen folder? Thank you for your time...

• 04-21-2008, 1:34 PM

  In reply to

  jeff@zina.com Joined on 09-26-2003, 6:43 AM Naples, FL, USA Posts 2,096

  Re: FTP Server Set-up Reply Contact First dumb question:  If FileZilla worked for you in the old server, why aren't you using it in the new one? Second dumb question:  If you have no desire to use FTP for web publishing, what exactly do you need from FTP? As for your questions: 1) Yes, Yes, No and Sort of. 2)  Here on www.iis.net. 3)  Install IIS 7.  Provide the folder in question you choose to use.  Make sure the NETWORK SERVICE account has MODIFY permissions on the folder.  Create the FTP account and grant it Read and Write permissions. Jeff Look for Wrox's new book Professional IIS 7 in your local bookstore, or order now at Amazon.com

• 04-21-2008, 3:16 PM

  In reply to

  Gengar003 Joined on 04-20-2008, 10:09 PM Posts 6

  Re: FTP Server Set-up Reply Contact First answer: Apache worked on the old server, too. However, I want to consolidate as many server functions as I can into the IIS/Winows Server 2008 package - Instead of separate apache, php, mysql, perl, ftp, and ssh installations. Perhaps I misunderstand the purpose or capabilities of IIS7's FTP - if that is the case, I would like to know, so I can go back to FileZilla. I noticed, however, that management of the server features that I have managed to consolidate ("virtual hosts," php, perl, logging) is much nicer and easier in IIS7 than my former setup. If moving from FileZilla -> FTP7 can provide the same ease-of-use increase in the end, I want to make the switch. Second answer: I want to use the FTP server/ice as a means to allow users to access common folders, and upload to/download from private folders on the server. Essentially the same functionality as setting up windows shares and an Active Directory with home folders, but accessed via an FTP client, because 1) Any platform with an FTP client can connect. 2) Windows networking has always produced "mysterious" problems on at least one of the machines attempting to connect/share files. FTP has never done this. 3) FTP feels more secure, from the server's standpoint, than enabling a network share - especially because I want to offer (limited) anonymous FTP access. 4) An FTP server (Or the setup I had withe FileZilla, at least,) can be connected to over a LAN, over the internet, through a VPN, etc with no extra configuration on client or server-side, once the server is running. As far as I know, I cannot mount network shares over the internet. I assume it can probably be done with some effort, but this is not something I want my servers' users to have to go through. Regarding your answers #2 & 3 - could you possibly provide a bit more detail? Even a "Server Manager -> Features -> Next Option -> Next option -> set this value" style notation would be helpful - as I said, I spent hours following the tutorials here on elsewhere (with screenshots, too), but was unable to produce a working configuration. A bit more detail about my setup: Server2008 runs on one drive, S:\, and the data it serves (websites and FTP shared and private folders) resides on a second drive, M:\. I have several folders on M:\, which I want to make available in different ways via FTP: www (websites served from here; should not be available in FTP) public_ftp (anonymous ftp logins should be able to view this folder) private_ftp (authenticated ftp users' home folders are stored here.) Documents (authenticated users should be able to read/write this) Backup (authenticated users read/write) Downloads (common files for authenticated users, read only) That's what I want to do with my FTP server - an easier-on-the-users, more-platform-independent file sharing solution. Is IIS7's FTP7 capable of doing this, or is it mostly a "publish-to-IIS7-website" utility?

• 04-21-2008, 7:13 PM

  In reply to

  robmcm Joined on 05-27-2006, 1:05 AM Redmond, WA Posts 125

  Re: FTP Server Set-up Reply Contact Hi Gengar003, I know that the following list of topics is a repost from one of my earlier blog entries, but the following list is fairly comprehensive in terms of scope where the new FTP7 service is concerned: Installing FTP7: Installing and Troubleshooting FTP7 Working with FTP Sites: Creating a New FTP Site Add FTP publishing to an existing Web site Configuring Security Features: Configure FTP over SSL Configure FTP User Isolation Configure FTP virtual host names Configuring FTP Firewall Settings Advanced Administrative Features: Using FSRM Folder Quotas with FTP Configure IIS Manager Authentication That being said, let me tackle each of your initial statements: Q: Users were stored/handled by the FTP service - not by the windows user database or an Active Directory server. A: There are two built-in methods of using non-Windows user accounts with FTP7: IIS Managers: These accounts are known only to IIS and are typically used for managing web sites, but they can be used for FTP access as well. ASP.NET User Accounts: These accounts can be shared with IIS forms-based authentication or ASP.NET applications. Q: Users could download files (but not upload) from several directories. A: This can be configured through FTP7's authorization settings. Q: Users each had an (automatically created) home directory, where they could upload and download. A: FTP7 does not automatically create any directories for users, but users can be locked into different virtual roots based on their user accounts through "User Isolation", so each user cannot change directory outside of their home directory. While not the same as automatic creation of home directories, the creation of the home directories could be automated as part of an account creation script. Q: Users could be placed in different "groups" with different read, write, and view permissions. A: Windows-based accounts can certainly be placed in groups, and those groups can be given different permissions to files in two ways: FTP7 authorization settings can be configured to allow Read or Write access to users or groups. NTFS ACLs can be configured for any level of deeper permissions configuration: Read, Write, List, Delete, Modify, etc. In looking at your list of folders that you would like to make available under FTP, it should be possible to configure the folders as you intend once you get the hang of setting the per-folder authorization settings. Robert McMurray (MSFT, IIS)

  Tags: FTPFTP AccountFTP Authorization

• 04-29-2008, 12:11 PM

  In reply to

  Kanien Joined on 01-31-2008, 12:14 AM Posts 104

  Re: FTP Server Set-up Reply Contact I'm attempting to setup a virtual directory off a FTP site where a user only has read access and I'm having trouble with the syntax.  C:\Windows\System32\inetsrv>appcmd set config "DefaultFTPSite/localuser/testsite/L ogFiles" /section:system.ftpServer/security/authorization /? ERROR ( message:-[,users='string',roles='string',permissions='flags'].accessType -[,users='string',roles='string',permissions='flags'].users -[,users='string',roles='string',permissions='flags'].roles -[,users='string',roles='string',permissions='flags'].permissions  ) Any suggestions on how to modify from here?

• 08-15-2008, 1:02 PM

  In reply to

  LexLewThor Joined on 08-15-2008, 4:59 PM Posts 1	Re: FTP Server Set-up Reply Contact Did you ever get this process to work for you? I am starting the exact same process, If you didnt get it to work what FTP server did you go back to??

• 08-15-2008, 5:16 PM

  In reply to

  robmcm Joined on 05-27-2006, 1:05 AM Redmond, WA Posts 125

  Re: FTP Server Set-up Reply Contact The following syntax should work: appcmd.exe set config "Default Ftp Site/LocalUser/TestSite" -section:system.ftpServer/security/authorization /+"[accessType='Allow',users='',roles='SiteAuthors',permissions='Read, Write']" /commit:apphost A great way to create scripts is to use the Generate Script feature of the Config Editor that's available as part of the Administration Pack for IIS 7.0. Robert McMurray (MSFT, IIS)

  Tags: FTPFTP AuthorizationFTP 7

• 08-15-2008, 6:01 PM

  In reply to

  mdsterling Joined on 08-15-2008, 3:59 PM Posts 5

  Re: FTP Server Set-up Reply Contact I've been trying to follow all these directions and I've done all of this but for some reason I'm not getting a directory listing when connected to the ftp account from another computer using a ftp program using my public ip.  I see the connection is made from the server and the banner messages are showing in the client but no directory listing is displayed. The last queue msg. is ["/" is current directory]. but no files are listed. If I'm on the network I can access it by using the private ip address but not the public ip.   I'm behind a static nat with out using SSL as specified. the public is pointing to the private with port 21 open. and I'm able to go through to website on 80 port fine using the public ip. So I know it's just something in the FTP configuration.  ANY HELP REALLY....APPRECIATED.

• 08-16-2008, 3:28 PM

  In reply to

  robmcm Joined on 05-27-2006, 1:05 AM Redmond, WA Posts 125	Re: FTP Server Set-up Reply Contact That sounds to me like a firewall is blocking the data channel. You might want to take a look at Jaro's great blog on the subject: http://blogs.iis.net/jaroslad/archive/2007/09/29/windows-firewall-setup-for-microsoft-ftp-publishing-service-for-iis-7-0.aspx   Robert McMurray (MSFT, IIS)
  	Tags: FTP 7

• 08-18-2008, 5:33 AM

  In reply to

  mdsterling Joined on 08-15-2008, 3:59 PM Posts 5

  Re: FTP Server Set-up Reply Contact Thanks. Though I actually followed those directions before posting this it still didn't work. That's why I posted there first. But there was a chain of events that was causing the listing missing. Nevertheless I tried it again and WA-LA it works now.  I had the starting port number wrong. I had 49215 .... I also set it as a UDP instead of TCP. Once I changed all of this in my router it was up. Thanks so much.

• 08-20-2008, 2:25 AM

  In reply to

  ahiruman Joined on 08-20-2008, 2:24 AM Posts 2	Re: FTP Server Set-up Reply Contact this configuration setup is flawed, it does not explain anything and i'm still having issues!