locked
FTP anonymous login iis 7.5 RRS feed

  • Question

  • Hi all,

    I cannot login using Anonymous. I tried the ftp localhost at the command prompt. Got the following error after typing a password. 

    331 Anonymous access allowed, send identity (e-mail name) as password.
    Password:
    530-User cannot log in, home directory inaccessible.
     Win32 error:   Access is denied.
     Error details: File system denied the access.
    530 End

    I have added ANONYMOUS on security without success.

    Any idea what to do next?

    Wednesday, July 11, 2012 6:32 AM

Answers

  • Dear Sydmas Please Refer Following Article for Creating FTP Site

    Introduction

    Microsoft has updated the FTP service for Windows Server® 2008 and above. This updated FTP service incorporates many new features that enable Web authors to publish content better than before, and offers Web administrators more security and deployment options.

    This document walks you through creating FTP sites from scratch using the new FTP user interface and by directly editing the IIS configuration files. It contains:

    Note: This walk-through contains a series of steps in which you log in to your FTP site using the local administrator account. These steps should only be followed on the server itself using the loopback address or over SSL from a remote server. If you prefer to use a separate user account instead of the administrator account, you will need to create the appropriate folders and set the correct permissions for that user account when necessary.

    Prerequisites

    The following items are required to complete the procedures in this article:

    1. IIS must be installed on your Windows 2008 Server, and the Internet Information Services Manager must be installed.
    2. The new FTP service must be installed. You can download and install the FTP service from the http://www.iis.net/ Web site using one of the following links:
    3. You must create a root folder for FTP publishing.

    Creating a New FTP Site Using IIS Manager

    The new FTP service makes it easy to create new FTP sites by providing you with a wizard that walks you through all of the required steps to create a new FTP site from scratch.

    Step 1: Use the FTP Site Wizard to Create an FTP Site

    In this first step you will create a new FTP site that anonymous users can open.

    Note: The settings listed in this walkthrough specify "%SYSTEMDRIVE%\inetpub\ftproot" as the path to your FTP site. You are not required to use this path; however, if you change the location for your site you will have to change the site-related paths that are used throughout this walkthrough.

    1. Open IIS Manager. In the Connections pane, click the Sites node in the tree.
    2. As shown in the image below, right-click the Sites node in the tree and click Add FTP Site, or click Add FTP Site in the Actions pane.
      • Create a folder at "%SystemDrive%\inetpub\ftproot"
      • Set the permissions to allow anonymous access:
        1. Open a command prompt.
        2. Type the following command:
          <kbd>ICACLS "%SystemDrive%\inetpub\ftproot" /Grant IUSR:R /T</kbd>
        3. Close the command prompt.
    3. When the Add FTP Site wizard appears:
      • Enter "My New FTP Site" in the FTP site name box, then navigate to the %SystemDrive%\inetpub\ftproot folder that you created in the Prerequisites section. Note that if you choose to type in the path to your content folder, you can use environment variables in your paths.
      • When you have completed these items, click Next.
    4. On the next page of the wizard:
      • Choose an IP address for your FTP site from the IP Address drop-down, or choose to accept the default selection of "All Unassigned." Because you will be using the administrator account later in this walk-through, you must ensure that you restrict access to the server and enter the local loopback IP address for your computer by typing "127.0.0.1" in the IP Address box. (Note: If you are using IPv6, you should also add the IPv6 localhost binding of "::1".)
      • Enter the TCP/IP port for the FTP site in the Port box. For this walk-through, choose to accept the default port of 21.
      • For this walk- through, do not use a host name, so make sure that the Virtual Host box is blank.
      • Make sure that the Certificates drop-down is set to "Not Selected" and that the Allow SSL option is selected.
      • When you have completed these items, click Next.
    5. On the next page of the wizard:
      • Select Anonymous for the Authentication settings.
      • For the Authorization settings, choose "Anonymous users" from the Allow access to drop-down, and select Read for the Permissions option.
      • When you have completed these items, click Finish.

    Summary

    You have successfully created a new FTP site using the new FTP service. To recap the items that you completed in this step:

    1. You created a new FTP site named "My New FTP Site", with the site's content root at "%SystemDrive%\inetpub\ftproot".
    2. You bound the FTP site to the local loopback address for your computer on port 21, and you chose not to use Secure Sockets Layer (SSL) for the FTP site.
    3. You created a default rule for the FTP site to allow anonymous users "Read" access to the files.

    Step 2: Adding Additional FTP Security Settings

    Creating a new FTP site that anonymous users can browse is useful for public download sites, but web authoring is equally important. In this step, you add additional authentication and authorization settings for the administrator account. To do so, follow these steps:

    1. In IIS Manager, click the node for the FTP site that you created earlier, then double-click FTP Authentication to open the FTP authentication feature page.
    2. When the FTP Authentication page displays, highlight Basic Authentication and then click Enable in the Actions pane.
    3. In IIS Manager, click the node for the FTP site to re-display the icons for all of the FTP features.
    4. You must add an authorization rule so that the administrator can log in. To do so, double-click the FTP Authorization Rules icon to open the FTP authorization rules feature page.
    5. When the FTP Authorization Rules page is displayed, click Add Allow Rule in the Actions pane.
    6. When the Add Allow Authorization Rule dialog box displays:
      • Select Specified users, then type "administrator" in the box.
      • For Permissions, select both Read and Write.
      • When you have completed these items, click OK.

    Summary

    To recap the items that you completed in this step:

    1. You added Basic authentication to the FTP site.
    2. You added an authorization rule that allows the administrator account both "Read" and "Write" permissions for the FTP site.

    Step 3: Logging in to Your FTP Site

    In Step 1, you created an FTP site that anonymous users can access, and in Step 2 you added additional security settings that allow an administrator to log in. In this step, you log in anonymously using your administrator account.

    Note: In this step log in to your FTP site using the local administrator account. When creating the FTP site in Step 1 you bound the FTP site to the local loopback IP address. If you did not use the local loopback address, use SSL to protect your account settings. If you prefer to use a separate user account instead of the administrator account, set the correct permissions for that user account for the appropriate folders.

    Logging in to your FTP site anonymously

    1. On your FTP server, open a command prompt session.
    2. Type the following command to connect to your FTP server:

      <kbd>FTP localhost</kbd>

    3. When prompted for a user name, enter "anonymous".
    4. When prompted for a password, enter your email address.

    You should now be logged in to your FTP site anonymously. Based on the authorization rule that you added in Step 1, you should only have Read access to the content folder.

    Logging in to your FTP site using your administrator account

    1. On your FTP server, open a command prompt session.
    2. Type the following command to connect to your FTP server:

      <kbd>FTP localhost</kbd>

    3. When prompted for a user name, enter "administrator".
    4. When prompted for a password, enter your administrator password.

    You should now be logged in to your FTP site as the local administrator. Based on the authorization rule that you added in Step 2 you should have both Read and Write access to the content folder.

    Summary

    To recap the items that you completed in this step:

    1. You logged in to your FTP site anonymously.
    2. You logged in to your FTP site as the local administrator.

    Kalpesh Patel If you find these posts answered your question or issue, please click on "Mark as answer". If a post contained helpfull information, please be click on the "Vote as helpful" button

    • Marked as answer by sydmas Friday, July 13, 2012 5:01 AM
    Friday, July 13, 2012 4:35 AM

All replies

  • Hi,

    For IIS related questions you could post to IIS forum instead:

    http://forums.iis.net/


    TechNet Subscriber Support in forum |If you have any feedback on our support, please contact tnmff@microsoft.com.

    Friday, July 13, 2012 1:54 AM
  • Dear Sydmas Please Refer Following Article for Creating FTP Site

    Introduction

    Microsoft has updated the FTP service for Windows Server® 2008 and above. This updated FTP service incorporates many new features that enable Web authors to publish content better than before, and offers Web administrators more security and deployment options.

    This document walks you through creating FTP sites from scratch using the new FTP user interface and by directly editing the IIS configuration files. It contains:

    Note: This walk-through contains a series of steps in which you log in to your FTP site using the local administrator account. These steps should only be followed on the server itself using the loopback address or over SSL from a remote server. If you prefer to use a separate user account instead of the administrator account, you will need to create the appropriate folders and set the correct permissions for that user account when necessary.

    Prerequisites

    The following items are required to complete the procedures in this article:

    1. IIS must be installed on your Windows 2008 Server, and the Internet Information Services Manager must be installed.
    2. The new FTP service must be installed. You can download and install the FTP service from the http://www.iis.net/ Web site using one of the following links:
    3. You must create a root folder for FTP publishing.

    Creating a New FTP Site Using IIS Manager

    The new FTP service makes it easy to create new FTP sites by providing you with a wizard that walks you through all of the required steps to create a new FTP site from scratch.

    Step 1: Use the FTP Site Wizard to Create an FTP Site

    In this first step you will create a new FTP site that anonymous users can open.

    Note: The settings listed in this walkthrough specify "%SYSTEMDRIVE%\inetpub\ftproot" as the path to your FTP site. You are not required to use this path; however, if you change the location for your site you will have to change the site-related paths that are used throughout this walkthrough.

    1. Open IIS Manager. In the Connections pane, click the Sites node in the tree.
    2. As shown in the image below, right-click the Sites node in the tree and click Add FTP Site, or click Add FTP Site in the Actions pane.
      • Create a folder at "%SystemDrive%\inetpub\ftproot"
      • Set the permissions to allow anonymous access:
        1. Open a command prompt.
        2. Type the following command:
          <kbd>ICACLS "%SystemDrive%\inetpub\ftproot" /Grant IUSR:R /T</kbd>
        3. Close the command prompt.
    3. When the Add FTP Site wizard appears:
      • Enter "My New FTP Site" in the FTP site name box, then navigate to the %SystemDrive%\inetpub\ftproot folder that you created in the Prerequisites section. Note that if you choose to type in the path to your content folder, you can use environment variables in your paths.
      • When you have completed these items, click Next.
    4. On the next page of the wizard:
      • Choose an IP address for your FTP site from the IP Address drop-down, or choose to accept the default selection of "All Unassigned." Because you will be using the administrator account later in this walk-through, you must ensure that you restrict access to the server and enter the local loopback IP address for your computer by typing "127.0.0.1" in the IP Address box. (Note: If you are using IPv6, you should also add the IPv6 localhost binding of "::1".)
      • Enter the TCP/IP port for the FTP site in the Port box. For this walk-through, choose to accept the default port of 21.
      • For this walk- through, do not use a host name, so make sure that the Virtual Host box is blank.
      • Make sure that the Certificates drop-down is set to "Not Selected" and that the Allow SSL option is selected.
      • When you have completed these items, click Next.
    5. On the next page of the wizard:
      • Select Anonymous for the Authentication settings.
      • For the Authorization settings, choose "Anonymous users" from the Allow access to drop-down, and select Read for the Permissions option.
      • When you have completed these items, click Finish.

    Summary

    You have successfully created a new FTP site using the new FTP service. To recap the items that you completed in this step:

    1. You created a new FTP site named "My New FTP Site", with the site's content root at "%SystemDrive%\inetpub\ftproot".
    2. You bound the FTP site to the local loopback address for your computer on port 21, and you chose not to use Secure Sockets Layer (SSL) for the FTP site.
    3. You created a default rule for the FTP site to allow anonymous users "Read" access to the files.

    Step 2: Adding Additional FTP Security Settings

    Creating a new FTP site that anonymous users can browse is useful for public download sites, but web authoring is equally important. In this step, you add additional authentication and authorization settings for the administrator account. To do so, follow these steps:

    1. In IIS Manager, click the node for the FTP site that you created earlier, then double-click FTP Authentication to open the FTP authentication feature page.
    2. When the FTP Authentication page displays, highlight Basic Authentication and then click Enable in the Actions pane.
    3. In IIS Manager, click the node for the FTP site to re-display the icons for all of the FTP features.
    4. You must add an authorization rule so that the administrator can log in. To do so, double-click the FTP Authorization Rules icon to open the FTP authorization rules feature page.
    5. When the FTP Authorization Rules page is displayed, click Add Allow Rule in the Actions pane.
    6. When the Add Allow Authorization Rule dialog box displays:
      • Select Specified users, then type "administrator" in the box.
      • For Permissions, select both Read and Write.
      • When you have completed these items, click OK.

    Summary

    To recap the items that you completed in this step:

    1. You added Basic authentication to the FTP site.
    2. You added an authorization rule that allows the administrator account both "Read" and "Write" permissions for the FTP site.

    Step 3: Logging in to Your FTP Site

    In Step 1, you created an FTP site that anonymous users can access, and in Step 2 you added additional security settings that allow an administrator to log in. In this step, you log in anonymously using your administrator account.

    Note: In this step log in to your FTP site using the local administrator account. When creating the FTP site in Step 1 you bound the FTP site to the local loopback IP address. If you did not use the local loopback address, use SSL to protect your account settings. If you prefer to use a separate user account instead of the administrator account, set the correct permissions for that user account for the appropriate folders.

    Logging in to your FTP site anonymously

    1. On your FTP server, open a command prompt session.
    2. Type the following command to connect to your FTP server:

      <kbd>FTP localhost</kbd>

    3. When prompted for a user name, enter "anonymous".
    4. When prompted for a password, enter your email address.

    You should now be logged in to your FTP site anonymously. Based on the authorization rule that you added in Step 1, you should only have Read access to the content folder.

    Logging in to your FTP site using your administrator account

    1. On your FTP server, open a command prompt session.
    2. Type the following command to connect to your FTP server:

      <kbd>FTP localhost</kbd>

    3. When prompted for a user name, enter "administrator".
    4. When prompted for a password, enter your administrator password.

    You should now be logged in to your FTP site as the local administrator. Based on the authorization rule that you added in Step 2 you should have both Read and Write access to the content folder.

    Summary

    To recap the items that you completed in this step:

    1. You logged in to your FTP site anonymously.
    2. You logged in to your FTP site as the local administrator.

    Kalpesh Patel If you find these posts answered your question or issue, please click on "Mark as answer". If a post contained helpfull information, please be click on the "Vote as helpful" button

    • Marked as answer by sydmas Friday, July 13, 2012 5:01 AM
    Friday, July 13, 2012 4:35 AM