Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows Server 2003Windows 2000Windows NTSmall Business ServerVirtual ServerExchange ServerIISHost Integration ServerISA ServerSMSWSUSMOMWindows Media ServerSecurityCertification
Related Topics
SQL ServerMS WindowsMS OfficePC HardwareMore Topics ...
Windows Server Forum / IIS / FTP / October 2008

Tip: Looking for answers? Try searching our database.

Setting up FTP on Server 2003

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
aja44 - 02 Oct 2008 15:19 GMT
Good Morning.  We currently have a box running Server 2003 that we are
running as a dedicated FTP server.  The company does not want to invest any
money in upgrades to this but it is used a lot in our business.  We currently
create an account within AD and provide that info the clients to upload and
download work from their dedicated folder.  I find that most of the time we
have issues with clients connecting via IE6 or IE7 and have begun instructing
them to use FileZilla which connects 99% of the time without issue.  

What I would like to do is setup our FTP so clients will have to do the
following:
ftp://companyname and it will redirect them to our FTP site with a logon
window.  I have created a DNS record which points to and when I perform this
I do get prompted with the logon screen but no matter what credential I enter
I do not get access.  I would like to take this a step further and possibly
create an SSL certificate similiar to what we use for OWA.  Is this possible
and what is the best way to setup?

Thanks in advance.
Reply to this Message
.._.. - 03 Oct 2008 15:34 GMT
SSL certificates are for HTTP.  You can't apply them to FTP.

You CAN use SFTP, or FTPS however both of those protocols require a third
party add on to IIS, or a different server altogether.

I have used the CGWIN (Unix Port) of SFTP with some success, but note your
user/pass authentication uses a separate file and does NOT integrate with
Windows.

Your best bet is probably a VPN over which the FTP would occur.

Chances are with your senario the browser is not passing the username to the
virtual directory properly, and landing the user authenticating in the root.

Also make sure you do not have some sort of security measures mucking with
what the browser can do that might not be mucking with FileZilla.

FileZilla is a way better way to deal with FTP though, so why switch?

> Good Morning.  We currently have a box running Server 2003 that we are
> running as a dedicated FTP server.  The company does not want to invest
[quoted text clipped - 23 lines]
>
> Thanks in advance.
Reply to this Message
aja44 - 03 Oct 2008 21:51 GMT
Thanks for your reply.

The company is looking for something that references the name and is simple
for the sales and data group to give to clients.  They can simply just say to
a client go to ftp://"ourname" and you will be prompted.

You mentioned that the user might be getting passed to the root to
authenticate.  How would I confirm that and then fix it?  I also would like
to not have users enter the domainname\username at logon but instead just the
username.  Is there a way to fix that?

Thanks,

> SSL certificates are for HTTP.  You can't apply them to FTP.
>
[quoted text clipped - 42 lines]
> >
> > Thanks in advance.
Reply to this Message
.._.. - 06 Oct 2008 16:19 GMT
A couple of points;

- using a URL ftp://companyname and click to connect will result in the user
loging in with a browser.  Which, in turn will require at least one if not
two extra steps to be memorized to log in to upload. Browsers cannot upload,
the user will have to switch to Windows Explorer first to do that. (Using
the built in Windows Explorer FTP function).  So you are back to "not so
easy" again anyway.

- Using local machine accounts rather than active directory accounts may fix
the necessity of entering the domain name to log in. Note however, that box
has that in it by default, even though it might not be a requirement for the
authentication the server is asking for, it's just a stupid Internet
Explorer dialogue. FTP requires no domain name to log in, ever.

- in IIS FTP 6.0, creating a directory tree with root/userame1
root/username2, etc. in the file system and applying permissions as
necessary AND making a virtual folder in the FTP instance with the same name
as the username, will automatically drop the user into their own "home
folder".  This is a hidden undocumented (for the most part) featuer of IIS.
They can still "CD" out of the folder if you want them to be able to.
(Also, make the root folder an empty folder, then map the virtual folders to
a DIFFERENT directory tree, and when the user "CD"s out, they get a blank
folder with nowhere to go unless they both know the other usernames and have
permissions for those folders.)

- you can do all of this with DNS (and you have this part done) mapped to
the IP, stop thinking about it, it's done.  Some noob may be emphasizing it
to you but it's not really all that important.

Again though, you are better off with just about any application other than
what is built into Windows Explorer, including the command line.

Why are you not considering SharePoint services?  Colaborative usage is what
that was built for. AND it's web based, AND it uses WebDav (which can happen
over regular SSL with a regular certificate).

> Thanks for your reply.
>
[quoted text clipped - 65 lines]
>> >
>> > Thanks in advance.
Reply to this Message
aja44 - 07 Oct 2008 03:04 GMT
Thank you very much for this detailed explaination.  The company I work for
will not spend any money on a 3rd party FTP software so I am basically stuck
with Windows.  But we do push them using FileZilla client which seems to work
very well but they must remember an IP address which I guess for some is
difficult.  We have a shared folder within the FTPROOT and each client gets a
folder within.  I set propagated permissions for my internal staff to process
work and the client gets Modify permissions specifically set at their folder.
Even if they tried to CD they will see all the folder names but unable to
get access to anything.  

I am not familiar with SharePoint having never worked with it.  But this is
not really a Colaborative effort.  My company has about 50 clients that will
upload data to them to be processed and my company will place the completed
data back into their FTP folder to be downloaded.  Some of these files can be
a few hundred MB to a couple of GB and way to big for email.  We do use a lot
of external HDs to burn data to and hand deliver to clients in NYC area but
out of state clients use the FTP.

Anyway, I do very much appreciate you taking some time to reply.

> A couple of points;
>
[quoted text clipped - 102 lines]
> >> >
> >> > Thanks in advance.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.