Home
+
Products
+
Services
+
Support
 
References
 
Downloads
 
Contact Us
 
Company Profile

Synopsis

Microsoft FTP Server can be configured to authenticate users against an Active Directory server. One possible reason for doing this is for single sign-on, or administrative ease.

Applicable Systems

  • Windows 2003 FTP
  • Windows 2000 or later Active Directory

Creating a New Active Directory FTP Server

Open the Administrative Tools | Computer Management and expand Internet Information Services. Right click Internet Information Services to create a new FTP.

Where Is The FTP?

If FTP is not available on the menu it may not have been installed. In this case, open the Add/Remove Programs and click on Add/Remove Windows Components. Explore details for Internet Information Services (IIS) and ensure that File Transfer Protocol (FTP) Server is checked. If not, have it installed.

FTP User Isolation

When creating a new FTP server, there are three options for user isolation. Isolation using Active Directory should be selected.

FTP requires a query-user and password to access the Active Directory server. When an FTP user needs to be authenticated, the FTP server will use the query-user account to connect to the Active Directory, then it can authenticate the FTP user.

FTP also requires the domain name of the users it will be serving.

Setting the Home Directory for Each User

Since the FTP server has been set up for Active Directory isolation, there is no root folder for the FTP server to use, nor is there user folders within the root folder.

Each FTP user will have her own root and user folder, and she cannot detect the presence of other users' folders. The FTP user's root and user folder information is stored in the Active Directory server. The Active Directory server will have to be informed about these two parameters.

Example

The following is a situation.
  • The FTP server is ftp.pox.com
  • The Active Directory server is ad.pox.com
  • The Active Directory administration account is admin.
  • The new FTP user is jiajia@pox.com
  • The root folder for jiajia on ftp.pox.com is c:\ftproot
  • The user folder for jiajia on ftp.pox.com is c:\ftproot\jiajia
Use the following command to tell the Active Directory server about the new user's root and user folders:

iisftp /s ad.pox.com /u admin /p password /setadprop jiajia FTPRoot c:\ftproot
and
iisftp /s ad.pox.com /u admin /p password /setadprop jiajia FTPDir \jiajia
The user jiajia should be able to use the FTP server now.

Last updated on 19 Sep 2007