|
Home > Archive > IIS Server Security > April 2004 > FTP Authentication not working
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
FTP Authentication not working
|
|
| Dave W 2004-04-22, 12:37 pm |
| Hi,
I have a Win2000 server running FTP in IIS. I have the FTP set up in
the Properties -> Security Accounts tab so that it does not allow Anon
Connections. In FTP Site operators I have the Admins group plus a
named user say ftpuser (which is a member of the Users group only)
defined to allow access. The underlying NTFS permissions are set to
Everyone (Full Control) on the FTP servers root folder and subfolders.
However the server does not appear to be authenticating the user,
allowing any user defined in the Users group access. Any ideas?
N.B. I have a server which is the same IIS FTP and NTFS config and
this is only allow users defined in FTP Site Operators have access.
Thanks,
Dave.
| |
| Paul Lynch 2004-04-22, 3:35 pm |
| On 22 Apr 2004 08:49:09 -0700, outer.axis@btinternet.com (Dave W)
wrote:
>Hi,
>
>I have a Win2000 server running FTP in IIS. I have the FTP set up in
>the Properties -> Security Accounts tab so that it does not allow Anon
>Connections. In FTP Site operators I have the Admins group plus a
>named user say ftpuser (which is a member of the Users group only)
>defined to allow access. The underlying NTFS permissions are set to
>Everyone (Full Control) on the FTP servers root folder and subfolders.
>
>However the server does not appear to be authenticating the user,
>allowing any user defined in the Users group access. Any ideas?
>
>N.B. I have a server which is the same IIS FTP and NTFS config and
>this is only allow users defined in FTP Site Operators have access.
>
>Thanks,
>
>Dave.
Dave,
You don't need to be in the FTP Operators group to gain access to a
server. Check this article out :
How do I configure the FTP Service for Basic Authentification on IIS5
Non Domain Controller
http://www.iisfaq.com/Default.aspx?tabid=2793
Regards,
Paul Lynch
MCSE
| |
| Dave W 2004-04-23, 4:34 am |
| Paul Lynch <paul.lynch@nospam.com> wrote in message news:<bf4g80h08r7k7ofiq9ankpojgqlqq826fa@4ax.com>...
> You don't need to be in the FTP Operators group to gain access to a
> server. Check this article out :
>
> How do I configure the FTP Service for Basic Authentification on IIS5
> Non Domain Controller
> http://www.iisfaq.com/Default.aspx?tabid=2793
Thanks for the response Paul but I've set up FTP as per the article
you recommended. The problem is that when I restrict the FTP Operators
(in the Security Accounts tab in FTP Properties) to just the Admin
group the FTP server is letting users defined in the Users group to
logon - in fact it seems to make no odds what I do it allows users
through if they have the correct username and password combination -
there are no restrictions applied.
As a test I set up a Test Group with a test user (which is exclusive
to the group), I have NOT added either to the Log on Locally group /
user list nor to the FTP Site Operators list found in the FTP
Properties Security Accounts Tab and yet I can still logon to the FTP
server using these credentials. It is as if the FTP Basic
Authentication is required and working but the FTP Site Operators list
is being ignored and any user defined on the server is allowed access
with a valid username / password combination.
I have another server which is (or at least should be!) exactly the
same set up but which is restricting access to the list of groups /
users defined in FTP Site Operators. This one really has me scratching
my head. Any further advice would be most welcome.
Regards,
Dave.
| |
| Dave W 2004-04-23, 5:35 am |
| As a follow up to my previous reply I have also noticed that when I
connect to my server using Visual Interdev it doesn't ask for a
username and password. Is there a setting where I can turn this on?
|
|
|
|
|