On my remote machine I have an IIS 7.5 (Windows Server 2008). I set up an ftp site with IIS Manager authentication. I then did Active Directory user isolation and isolated my users to physical folders according to their names. So far, so good. I can access with FTP clients from everywhere with different test accounts that I previously set up in the IIS Manager authentication. Every user connects to its own folder.
When I now tested with windows 7 as a client, I did the following:
Explorer -> computer -> right click -> add network address -> the ip of my remote machine -> user1 -> password1
Perfect – it works. I now want to connect with user2. So I deleted this network address and set up a new connection, but with user2 (or even anonymous) instead. Now the strange thing: Windows doesn't even ask me for a password again. It just connects me to the folder of the user1.
I already disabled FTP caching in the IIS and I disabled the user1 account in IIS manager authentication! Still, if I set up a network connection with this windows 7, it connects to the folder user1, no matter which username I use (anonymous, administrator, user2,…).
And if I connect with other ftp clients or other computers, it all works perfectly. So I assume that this one Windows somehow caches the credentials… but then, how can I keep IIS from still accepting these credentials even if I have disabled the user1 account?
Best Answer
Have you checked the Credential Manager in Windows to see if it is storing something in there?
or if it the Control Panel is in Category View
I would start there to see if there are any credentials stored that seem to match the credentials it is using.