windows server 2012 - IIS Configuration Disabled for Custom FTP User Isolation

17
2014-04
  • ripberge

    I have created a custom FTP authentication module using .NET. It is working OK on my local machine running IIS 8.

    I've got it registered on my server OK and it seems to be firing.

    However, I can NOT get IIS Manager on Server 2012 to allow me to change the FTP User Isolation to "custom".

    The radio button to select "custom" is disabled. I am thinking maybe this part of the configuration is locked somewhere else up in the IIS config heirarchy?

  • Answers
    Know someone who can answer? Share a link to this question via email, Google+, Twitter, or Facebook.

    Related Question

    networking - How to isolate ftp users in IIS 7?
  • Beavis

    This is the first time I've played with IIS and FTP. We have around 2000 users in AD. Each of these users has a share on the network, all under a root folder, labeled with their username.

    Ex:

    \\network\john.doe
    \\network\jane.doe

    I'm trying to setup an ftp server in IIS 7 to allow users access to their directory and only their directory. Kind of like a web host, where I sign up for an account, login with ftp and get directed to my own folder. The only difference here is that we don't have to create directories, they already exist.

    Here's what I've got:
    - ftp site in iis that points to the root directory "network" that contains all the user directories
    - basic authentication and filled in the domain
    - authorization (all users) for testing purposes
    - ftp user isolation -- username directory checked

    Now I understand the last option is NOT what I want because it allows the user to move up to the root. However, this is the only option that allows me to login successfully and directs me to my folder. If I select either of the isolate users options (disable global or enable global) I cannot login. No message, just the authentication prompt keeps reappearing.

    What am I missing here?


  • Related Answers
  • Rick

    Isolated FTP usually requires the DOMAIN as the first part of the "user share" - ref: http://learn.iis.net/page.aspx/305/configuring-ftp-75-user-isolation/

    To create home directories for each user, you first need to create a physical directory under your FTP server's root folder that is named after your domain or named LocalUser for local user accounts. Next, you need to create a physical directory for each user account that will access your FTP site.

    %FtpRoot%\LocalUser\%UserName% (non-domain)
    %FtpRoot%\%UserDomain%\%UserName% (domain)
    
  • phoebus

    Have you set appropriate permissions on the root and user directories? Appropriate permissions + isolated mode is generally the way to do it.