IIS 7 and Above
Error 530 Home Directory Inaccessible
Last post Aug 22, 2017 07:06 AM by Yuk Ding
Aug 10, 2017 04:40 PM|anthonyaudi|LINK
Hello guys I have a particular problem that I can't seem to get the answer to. I've tried many different ways and cannot seem to come to a conclusion
I have created a Windows FTP using IIS. I am using Windows Server 2012 R2
In IIS I have created my ftp: ftp.anthonyaudi.com
My folder structure is as follows
I have a folder called Anthony, and under Anthony I have subfolders (example Anthony1 / 2 / 3 / 4 etc)
I have created local users (Anthony / Anthony1 / 2 /3 /4 etc)
I have created a folder called localuser and under there my folder Anthony exists and all the subfolders are there.
Here is my dilemma.
When I create the folder Anthony as a virtual directory I have no problem connecting to it with user Anthony, however, if I create a virtual directory Anthony1 from INSIDE the folder Anthony I cannot connect to it with user Anthony1 I get the error 530 home
However, if I create Anthony1 as a virtual directory under localuser I have no issues connecting to the folder with user anthony1.
What am I missing here, the idea for creating the vdir under the root folder Anthony is to keep things clean because I will eventually have other folders with subfolders and I do not want the localuser directory to become crowded.
Is this a limitation of IIS? Can I even do what I am attempting?
Aug 10, 2017 05:37 PM|Paul Lynch|LINK
Start here :
Aug 10, 2017 06:06 PM|anthonyaudi|LINK
Hi although that is a great read, it doesn't solve my issue.
I seem to have done all that but for some reason when I go to FTP isolation and go to the user home dir i cannot access it and the error returned is error 530.
As far as i know, enabling ftp isolation at the user home directory ignores the global vdir (which is the vdir i created under localuser folder)
so if I understand correctly
user Anthony1 should be able to log in to his home folder called Anthony1 which resides in c:\localuser\anthony\
This does not work I cannot get it to log on to the folder.
Aug 10, 2017 06:37 PM|anthonyaudi|LINK
Just to recap so there isn't any confusion or going in the wrong direction
here is the folder structure and what works and what does not
The little photo of the globe and on the right of it there is my FTP
Connecting with Anthony will enter the FTP and I will see the subdirectory Anthony1
Connecting with Anthony1 will not enter the FTP and will yeild this message : Response: 530 User cannot log in, home directory inaccessible.
My subdirectory Anthony1 has the following settings
Physical Path: c:\localuser\anthony\anthony1
In FTP Authorization I have user: anthony
When I do test settings everything passes.
FTP Isolation mode is set to Username Directory (disable global virtual directories)
PS. Even if I put it in Username Physical Directory (enable global virtual directories) it still gives the same result
Double PS: The local user Anthony1 has full access to his home folder c:\localuser\anthony\anthony1
To be safe, I created a group called Anthonys and put Anthony1/2/3/4 inside that group and I gave them viewing rights to the root folder Anthony <--But this shouldn't be an issue because as I mentioned if I create the virtual directory Anthony1 at the root
of Localuser in IIS it works fine.
Aug 10, 2017 08:28 PM|anthonyaudi|LINK
Update, I have been doing many tests and I am beginning to believe this might actually be a limitation of Windows FTP.
There doesn't seem to be any way to have a user connect to a virtual directory that lives within a subfolder. Example, there doesn't seem to be anyway to connect a user to
C:\localuser\anthony\anthony1 <-- When Anthony1 is created as a virtual directory by right clicking on Anthony and selecting "create virtual directory"
It can be done however by right clicking on localuser and selecting "create virtual directory"
Can someone confirm that either I am doing something wrong or that this is a limitation of the windows FTP?
Has anyone ever been successful at creating a virtual directory and successfully connecting to it when it lives within a subfolder of a folder that also resides in localuser?
( c:\localuser\anthony\anthony1 <--Has anyone ever been able to create anthony1 as a virtual directory and have the virtual directory folder appear inside the c:\localuser\anthony ? )
P.S. I wanted to make sure that it could not be a permissions issue so I gave "everyone" full access to everything in localuser and enabled folder hierarchy to make sure it went down to the subfolders.
Aug 11, 2017 08:06 AM|Yuk Ding|LINK
The user isolation could should use the username folder/virtual directory by creating these folder under the root path, otherwise it could report 530 error. I wonder which isolation did you use
User name directory (disable global virtual directories) or
User name physical directory (enable global virtual directories)?
Your strcture looks like this:
The user isolation will prevent anthony1 from accessing his folder while it doesn't permission to access Anthony with the user isolation.
To promise the user isolation could works fine with IIS, just ensure the virual directory/folder with username are in the same level:
If you need your original structure, you'd better disable the user isolation and isolate user via authorization rule.
Aug 11, 2017 12:22 PM|anthonyaudi|LINK
Aug 14, 2017 07:54 AM|Yuk Ding|LINK
Yes, I tried to create one directory under the other subdirctory. But I didn't find any way to make this work. NTFS and user isolation should belong to 2 authentication part, do grant full control should not change the effect.
The user isolation should be aimed to separate the different folder for different user.
Aug 17, 2017 09:57 PM|anthonyaudi|LINK
Hi, I was able to create and successfully get the FTP working properly. However, after several attempts I am stuck trying to do the following. I am unsure if this is possible
I want multiple users to connect to the same virtual directory
c:\localuser\user1 <--Folder name
Users = user1 / user2 / user3 etc
I want user1 - user2 - user3 to be able to log on with their account from there ftp program and arrive at c:\localuser\user1
Is that possible with Windows FTP? I have tried to get this to work multiple ways unsuccessfully. Can someone explain to me if this is possible and if it is how can we achieve it.
Edit: I think what I wrote might be unclear so I just want to make it clear.
I have this folder structure
The above folder needs to be accessed by several FTP users (user1/user2/user3/etc)
so from our FTP client (filezilla or whatever FTP client) I want the user to put the following information
username: user1 or user2 or user 3
password: whatever the password is for user1 / user2 / user3
and when they log in they will log into the folder c:\localuser\user1
Aug 18, 2017 12:13 AM|anthonyaudi|LINK
anyone have any ideas on this (whether it is doable or not)
Aug 22, 2017 07:06 AM|Yuk Ding|LINK
So if you need to enable such kind of architecture. You may need to disable the user isolation and control the permission via NTFS permission and FTP authorization rule.