Friday, November 18, 2011

Setting up FTP under Windows Server 2008 R2 with user-isolation

In Windows Server 2008 R2. (Important these are not steps for a production environment. Just for setting up a test FTP server.)
In Server Manager:
Under Roles, click Add Role
    install FTP
        Under roles - add Web Server (IIS)
            Under role services select FTP Server
        Complete the installation
In IIS: Create a FTP Site:  
    Right click on Sites and select Add FTP Site
        Name it: Whatever you like
        Path: C:\inetpub\ftproot
    Bindings and SSL Settings
        Select No SSL

    Authentication information
        Select Basic authentication
            Select Allow access to "All users" with Read and Write permissions
    Finish the FTP creation wizard
Under settings for the FTP site (in IIS)
    Select FTP User Isolation
        Select "User name directory (disable global virtual directories)"
Create local user accounts (this is how users get access to the FTP site (or at least one way how you can provide access to your ftp site)). (example: create a local account named FtpUser1)
Create a group called FTPUsers and add user accounts created above to the group. (it makes it easier to provide access to folders as shown in the next step).
Provide the group you created in the above step (FTPUsers) modify priviledges on C:\inetpub\ftproot
Next create a sub-folder called LocalUser (C:\inetpub\ftproot\LocalUser). (important to name it exactly that).  
Create a folders for each of the user accounts you created above (eg: if you created an account call FtpUser1, create a folder under LocalUser called FtpUser1).

Test access to your FTP site via your favorite FTP client. If you did everything correctly, you should have a valid FTP site with an account setup.

No comments: