« Previous Next »

• 12-29-2008, 6:29 PM

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6

  FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact I have a network with a SAN which houses our data shares. I have a windows 2008 ent. Web server with iis 7 installed in a network with a windows 2003 Active directory environment. I have confirmed FTPS works with the local administrator account using a local ftproot dir. We have no desire to store our customer's uploaded data onto the local FTP server's drives. We need the FTP Virtual Dir ftp root to be a network location for better backup/efficiency. I changed the "connect as" on basic settings to a domain administrator account for testing purposes. the physical path was changed to the network location. \\servername\f$\networkfolder I do not have user isolation setup. Under FTP Authentication , basic is enabled with our domain's netbios name.  Under FTP Authorization Rules, I have allowed a specific user - a domain user: "domain\ftpuser" since the virtual directory is named "customer1", when I log in using domain credentials, I should be using "customer1|domain\username", correct?  When I tried using a local administrator, I used "customer1|localadministrator" successfully. firewall support is setup correctly.  FTP SSL works with our cert. What am I missing? I just want to point the ftproot to a network share. Using the latest filezilla client, here's the output:   Status: Resolving address of filetransfer.domain.net Status: Connecting to 123.456.7.89:990... Status: Connection established, initializing TLS... Status: Verifying certificate... Status: TLS/SSL connection established, waiting for welcome message... Response: 220 Microsoft FTP Service Command: USER customer1|domain\username Response: 550 No such host is known. Error: Could not connect to server Josh

• 12-29-2008, 10:41 PM

  In reply to

  blfoleyus Joined on 05-24-2007, 10:46 AM Orlando Florida Posts 3	Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Mount the share to a drive letter and work it that way. Bradley Foley http://www.blfoley.com/

• 12-30-2008, 8:53 AM

  In reply to

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6	Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Didn't work, but thanks.

• 12-30-2008, 3:07 PM

  In reply to

  JaroDunajsky Joined on 04-19-2005, 10:23 PM Redmond Posts 168

  Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Josh, the virtual site name specified in the user field in not meant for virtual directories. It is meant only for scenarios where you would like to setup individual FTP sites with unique names sharing the same address. Then the hostname of the site could be communicated through the USER field separated by pipe character. In your case you just log on using domain\username. If you cannot use FTP user credentials to access the SAN then you may want to consider configuring UNC user credentials for virtual directory that would be recognized by SAN and use FTP authorization for the access control needs. Jaroslav Dunajsky (MSFT, IIS)

• 01-02-2009, 10:39 AM

  In reply to

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6	Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact After using only "domain\username", I recieved,   " Response: 550 No such host is known. Error: Could not connect to server"

• 01-02-2009, 10:41 AM

  In reply to

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6	Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact But as far as the virtualname|domain\user  We do have seperate entities or companies that we want to cut up and have seperate directories for uploading files, so this is still relevant to us.

• 01-03-2009, 1:41 AM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,890

  Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Hi, I wasn't able to reproduce the error, but in the post below I setup FTP over SSL to a UNC share using domain accounts.  http://forums.iis.net/p/1147315/1860792.aspx#1860792 Might be worth double checking this article for tips. http://learn.iis.net/page.aspx/320/using-ftp-virtual-host-names/   Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 01-03-2009, 1:46 AM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,890

  Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Also, make sure to enable auditing on the clustered node hosting the network share.  It shouldn't matter it's a clustered share vs. a standalone share.  For testing purposes to rule out anything related to clustering, setup a stand-alone share on a test box and grant the appropriate permissions.  If that works, then try the same thing on the clustered share, it shouldn't matter IMHO. 'setup auditing. http://weblogs.asp.net/steveschofield/archive/2008/03/07/detecting-permission-issues-using-auditing-and-process-monitor.aspx Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 01-03-2009, 8:27 AM

  In reply to

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6	Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Thanks for the input. I'll give it a try.

• 01-20-2009, 11:45 PM

  In reply to

  iconoclast88 Joined on 12-29-2008, 6:11 PM Posts 6

  Re: FTPS in IIS 7 - trying to get the ftproot dir to point to a clustered network share Reply Contact Ok, I reviewed the links you had posted, and tested heavily from scratch.  What I found is that I was able to set up a share located on a different serer (normal share) and direct the FTP site to it.  I was able to successfully FTPS into it, no problem, locked down by ActiveD by group. Perfect.  I set up the exact same setup except it was pointing to a clustered share. Even messed with the basic settings and changed the folder connection account to use our domain administrator account to authenticate and even messed with different app pools with highest network account. I should mention, that when I actually use our domain admin account as the FTP username/password combo, it will then authenticate to the clusterd share, no problem. But, I'm trying to use this "demo2" AD account to simulate a normal user. "demo2" has NTFS rights on the target clustered folder.  its always the same message. (but different than what I originally posted):   Status: Connecting to 12.34.5.67:990... Status: Connection established, initializing TLS... Status: Verifying certificate... Status: TLS/SSL connection established, waiting for welcome message... Response: 220 Microsoft FTP Service Command: USER demo2|domain\demo2 Response: 331 Password required for demo2|domain\demo2. Command: PASS ******** Response: 530 User cannot log in, home directory inaccessible. Error: Could not connect to server