IIS 7 and Above
New to 2008 FTP (Domain user can access FTP / Local server acount can...
Last post Jun 06, 2011 06:53 AM by JTSobey
Jun 01, 2011 11:53 AM|JTSobey|LINK
I have setup a new IIS server on a Windows 2008 R2 server. It was setup originally for domain accounts.. I have steup a local group for FTP users on the FTP server and added the domain users to this local group.
FTP setup - authentication / authorization
For FTP Authentication = (Basic Authentication (domain)) & (Anonymous Authentication) ;
For FTP Authorization (Allow Specified roles) local FTP group ; Added a second one (Allow Specified roles) added a local user. The local server user cannot access the FTP site - domain users have no issues.
All was working great until someone wanted a local user added to access the FTP server. The local user does not have access = error 530..
I noticed that if I add the server name infront of the local server user name that it works.
Any help would be great,
Jun 01, 2011 08:04 PM|steve schofield|LINK
1) remove the AD domain from the FTP settings, this will allow local users to work
2) Have AD users authenticate like local users with their domain account. You need to set the msIIS-FTPDir and msIIS-FTPRoot attributes on the user object. You can use adsiedit.msc or a script I did. You'll need the appropriate perms in AD.
I tested this locally and appeared to meet your requirements. One thing to keep in mind when removing the domain name,, you'll need to restart the ftpsvc so the settings are refreshed. Hope this helps.
Windows Server MVP - IIS
Log archival solution
Install, Configure, Forget
Jun 06, 2011 03:07 AM|kctt|LINK
Does local user have permission on ftp home folder?
Jun 06, 2011 06:53 AM|JTSobey|LINK
Thanks for the response.. The user account has permission access to the folder. Still no access..