|
Home > Archive > IIS FTP Server > March 2004 > General question: IIS6 FTP modes
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
General question: IIS6 FTP modes
|
|
|
| Hello all,
Situation: I would like to have a personal and passworded FTP site on a
single machine accessible both locally and over the net.
Resolution: Works fine using "Do not isolate users" mode on port 21.
Question: Did not work using "Isolate users" mode on port 2100 with virtual
folders assigned to specific users and permissions set accordingly. What is
missing here? I would prefer to have this as secure as possible in addition
to being able to use ADSI/WMI for programmatic control but will go to Serv-U
or another app if neccessary.
I tried many different configurations and got denied access in every case. I
tried using FTP.exe from a remote location and I got a "User home directory
not accessible" error. IE gave me all manner of access violations both
locally and remotely.
Additional info: The server receives packets via IP forwarding through a
wireless access point connected to the internet. The site address is also
being mapped through a redirection service due to dynamic DNS issues.
I've heard that the "Isolate users using Active Directory" works well but I
think it's overkill in my situation.
Any help greatly appreciated,
Harry Virek
| |
| Bernard 2004-03-10, 12:34 am |
| I think this is connectivity mode and has nothing to do with isolation mode.
If you running at 2100, make sure you got 2099 open for data channel
traffic. And some NAT devices are not able to translate correctly if FTP is
binding at different port other than default port 21.
if you change to pack to port 21, do you still have any problem with
isolation mode, the home directory error relates to access and permission
issues. check if user has at read permission on the folder.
test everything locally first, then try to test from remote site.
Useful links
Information About the IIS File Transmission Protocol (FTP) Service
http://support.microsoft.com/?id=283679
FTP Error: 500 Invalid PORT Command
http://support.microsoft.com/?id=281193
and you can try enable port attack to see if it help
http://www.microsoft.com/resources/..._ftpservice.asp
add the EnablePortAttack, set it to 1.
--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...
"BGV" <email@na.biz> wrote in message
news:t5k3c.97558$jx3.7696976@twister.southeast.rr.com...
> Hello all,
>
> Situation: I would like to have a personal and passworded FTP site on a
> single machine accessible both locally and over the net.
>
> Resolution: Works fine using "Do not isolate users" mode on port 21.
>
> Question: Did not work using "Isolate users" mode on port 2100 with
virtual
> folders assigned to specific users and permissions set accordingly. What
is
> missing here? I would prefer to have this as secure as possible in
addition
> to being able to use ADSI/WMI for programmatic control but will go to
Serv-U
> or another app if neccessary.
>
> I tried many different configurations and got denied access in every case.
I
> tried using FTP.exe from a remote location and I got a "User home
directory
> not accessible" error. IE gave me all manner of access violations both
> locally and remotely.
>
> Additional info: The server receives packets via IP forwarding through a
> wireless access point connected to the internet. The site address is also
> being mapped through a redirection service due to dynamic DNS issues.
>
> I've heard that the "Isolate users using Active Directory" works well but
I
> think it's overkill in my situation.
>
> Any help greatly appreciated,
>
> Harry Virek
>
>
>
>
| |
| Jeff Cochran 2004-03-10, 10:36 am |
| On Tue, 09 Mar 2004 13:59:53 GMT, "BGV" <email@na.biz> wrote:
>Hello all,
>
>Situation: I would like to have a personal and passworded FTP site on a
>single machine accessible both locally and over the net.
>
>Resolution: Works fine using "Do not isolate users" mode on port 21.
>
>Question: Did not work using "Isolate users" mode on port 2100 with virtual
>folders assigned to specific users and permissions set accordingly. What is
>missing here? I would prefer to have this as secure as possible in addition
>to being able to use ADSI/WMI for programmatic control but will go to Serv-U
>or another app if neccessary.
>
>I tried many different configurations and got denied access in every case. I
>tried using FTP.exe from a remote location and I got a "User home directory
>not accessible" error. IE gave me all manner of access violations both
>locally and remotely.
"All manner" is hard to trace, but if you gave us *exact* error
messages we may have solutions. For the home directory error, it's
because you haven't created the home directory in the correct location
or haven't assigned it correct permissions.
>Additional info: The server receives packets via IP forwarding through a
>wireless access point connected to the internet. The site address is also
>being mapped through a redirection service due to dynamic DNS issues.
This may be an issue with your port 21 working and port 2100 not. Are
you forwarding the port correctly in your router?
>I've heard that the "Isolate users using Active Directory" works well but I
>think it's overkill in my situation.
They all work well, if properly configured.
Jeff
|
|
|
|
|