IIS – Trouble creating FTP in Server 2008

Tags: ftp, iis, iis-7, user-management, windows-server-2008

I have been trying to create an FTP server on my new Server 2008.

I have been following both of these guides (very detailed and widely published here):

For setting up using IIS Manager
http://learn.iis.net/page.aspx/321/configure-ftp-with-iis-7-manager-authentication/

and

For anonymous FTP
http://www.trainsignaltraining.com/windows-server-2008-ftp-iis7

I am able to log in as an anonymous user. My need is to use a named user, so I need to use the IIS Manager.

I get error 530 when trying to log in as a user.

Connected to 127.0.0.1.
220 Microsoft FTP Service
User (127.0.0.1:(none)): ftpmanager
331 Password required for ftpmanager.
Password:
530-User cannot log in.
 Win32 error:   Logon failure: unknown user name or bad password.
 Error details: Filename:
 Error:

530 End
Login failed.
ftp>

I cannot learn anything from this message.

My password is set to: 1234 (so I don't think I'm making a mistake here – testing purposes only ofc)

Thank you.

Note – I went over other posts on SE that I read, and couldn't get the result:

EDIT
I think I found some errors with the physical path. Going to Basic settings, and Test Connection on the physical path, gave me the following error:

The server is configured to use pass-through authentication with a built-in account to access the specified physical path. However, IIS Manager cannot verify whether the built-in account has access. Make sure that the application pool identity has Read access to the physical path. If this server is joined to a domain, and the application pool identity is NetworkService or LocalSystem, verify that \$ has Read access to the physical path. Then test these settings again.

I am not sure which/who should get access to the Root folder!?

I want to point out, I managed to log in with a domain user (changing the authorization and authentication methods), but this is NOT the requested solution. I checked to make sure that the FTP, folders and access are working properly.

I am a bit lost here.

==== More tries:
I have enabled another Allow rule for ALL Users. I still get the same error. It seems that it doesn't matter if I use a correct or wrong password, I still get Error 530.

Best Answer

I will describe how I do an isolated setup of an FTP server. This works fine for our needs (1 (or more) user per website). I understand that there may be a much better/quicker/more secure setup, but this is what I have been using all the time without any issues so far (keep in mind -- I'm a programmer and not a pro admin, and will be grateful for any comments and advice).

  1. Create new user: IUSR_ftpacc (will be used to run app pool).

    • Set "Deny this user permissions to log on to Terminal Services"
    • Member Of: remove "Users"; add "IIS_IUSRS"
  2. Create new user(s) that will be used to access FTP service: e.g. ftpuser

    • Set "Deny this user permissions to log on to Terminal Services"
    • Member Of: I always remove "Users" and add "FTP" group (which you have to create separately -- all users in FTP group will be allowed to use FTP later)
  3. Create folder for FTP: D:\websites\FTP and grant Read & Execute right to this folder.

  4. Create 2 subfolders: "localuser" (for user folders -- must be this name) and "logs" (for logs).

  5. Create individual folders inside D:\websites\FTP\localuser for each FTP account (folder must match user account): e.g. ftpuser, and grant Modify permission.

  6. Open IIS Manager and create new Application Pool: FTPServiceApp. Advanced Settings -> Identity -- set it up to use IUSR_ftpacc account.

  7. Sites -> Add FTP Site..

    • FTP site name: FTP
    • Physical path: D:\websites\FTP
    • Authentication: Basic
    • Allow access to: Specified roles or user groups; FTP (the group mentioned in #2)
    • Permissions: Read & Write
  8. Select newly created ftp site -> Actions -> Basic Settings: Change Application Pool to the one created at #6 (FTPServiceApp). If all setup properly you will see 2 green marks when clicking "Test Settings.." button. "Connect as.." should have "Application user (pass-through authentication)" selected by default.

  9. FTP User Isolation -- I'm always choosing "User name physical directory".

  10. The "FTP Authorisation Rules" should be configured already (from wizard step). "FTP Logging" -- set to write logs into D:\websites\FTP\logs folder.

If I need a user to access some website (which is located in D:\websites\mywebsite, for example), I create a symlink (or directory junction) instead of a folder at step #5.
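
Steps 1 to 5 of the answer above (accounts, group membership, folder layout and NTFS rights) can be scripted as follows. This is an added example, not the answerer's own script. The function names are hypothetical, and it assumes the Read & Execute right on the root goes to the FTP group and the app-pool account, which the answer does not specify.

```powershell
# Added example, not the answerer's script. Run from an elevated prompt on the server.
# Assumption: the answer does not say who receives Read & Execute on the root, so it
# is granted here to the FTP group and the app-pool account, without inheritance.
# The "Deny ... log on to Terminal Services" checkbox is not scripted here.
$FtpRoot  = 'D:\websites\FTP'   # step 3
$FtpGroup = 'FTP'               # step 2
$PoolUser = 'IUSR_ftpacc'       # step 1

function Invoke-Native([string]$Exe, [string[]]$Arguments) {
    & $Exe $Arguments
    if ($LASTEXITCODE -ne 0) { throw "$Exe $Arguments failed with exit code $LASTEXITCODE" }
}

function Test-LocalName([string]$Kind, [string]$Name) {
    & net $Kind $Name 2>&1 | Out-Null   # 'net user X' / 'net localgroup X' exit 0 only if X exists
    return ($LASTEXITCODE -eq 0)
}

function New-LocalFtpUser([string]$Name, [string]$Group) {
    if (-not (Test-LocalName 'user' $Name)) {
        Invoke-Native 'net' @('user', $Name, '*', '/add')   # '*' prompts, so no password on the command line
    }
    & net localgroup Users $Name /delete 2>&1 | Out-Null    # remove "Users"; fails harmlessly if not a member
    & net localgroup $Group $Name /add 2>&1 | Out-Null      # fails harmlessly if already a member
    $pattern = '^' + [regex]::Escape($Name) + '\s*$'
    if (-not ((& net localgroup $Group) -match $pattern)) { throw "$Name is not in group $Group" }
}

function New-FtpHome([string]$Name) {
    # Step 5: the folder name must equal the account name for user isolation to find it.
    $userDir = Join-Path (Join-Path $FtpRoot 'localuser') $Name
    New-Item -ItemType Directory -Force -Path $userDir | Out-Null
    Invoke-Native 'icacls' @($userDir, '/grant', "${Name}:(OI)(CI)M")   # Modify, inherited by children
    Invoke-Native 'icacls' @($userDir)                                  # print the resulting ACL for review
}

if (-not (Test-LocalName 'localgroup' $FtpGroup)) {
    Invoke-Native 'net' @('localgroup', $FtpGroup, '/add')
}
New-LocalFtpUser $PoolUser 'IIS_IUSRS'
foreach ($dir in $FtpRoot, (Join-Path $FtpRoot 'localuser'), (Join-Path $FtpRoot 'logs')) {
    New-Item -ItemType Directory -Force -Path $dir | Out-Null           # steps 3 and 4
}
Invoke-Native 'icacls' @($FtpRoot, '/grant', "${FtpGroup}:(RX)", "${PoolUser}:(RX)")   # this folder only

New-LocalFtpUser 'ftpuser' $FtpGroup   # step 2; repeat these two lines per FTP account
New-FtpHome 'ftpuser'
```

Steps 6 to 10 are still done in IIS Manager as described. Basic authentication sends the account password in clear text unless FTP over SSL is required on the site.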