CONFIGURING FTP IN ISOLATION MODE (IIS6)

 

CONFIGURING FTP IN ISOLATION MODE (IIS6)
(WINDOWS SERVER 2003)

 
 

1. Installing
IIS6 FTP on Windows Server 2003:

If using the new style Start menu: Click on “Start”,
“Control Panel”, “Add or Remove Programs”
and select the “Add/Remove Windows Components”
tab on the left-hand side.

If using the "Classic" style Start menu: Click
on “Start”, “Settings”, “Control
Panel”, “Add or Remove Programs” and
select the “Add/Remove Windows Components”
tab on the left-hand side.

In the “Windows Components Wizard”, highlight
the “Application Server” and press the “Details”
button. The screen below will be displayed (Fig 1).

Figure 1
Figure 1 – The Application Server Screen

Highlight the “Internet Information
Services (IIS)” option and press “Details”
(as shown in Fig 1 above).

Figure 2
Figure 2 – The Internet Information Services
(IIS) Screen

On the next screen (Fig 2 above) we highlight
“File Transfer Protocol (FTP) Service”.

Click “OK” to close each window
and “Next” to install the newly-selected
components. You will be asked to insert your Windows
Server 2003 disk. Click “Finish” once the
installation is complete.

You have now installed the FTP service.

 
 


 
 

Figure 3
Figure 3 – Setting up your FTP Root Directory

2. The FTP Root Directory

In order to use FTP in "Isolation" mode, we
need to construct the FTP Root so that users are "Dropped"
into their correct home directory.

The structure illustrated above contains two subdirectories,
"localuser" and my domain "simongibson"
which contain home directories for each user. These
user sub-directories must match their respective username
exactly. If not, the user will not be able to log onto
your FTP server.

Create the directory structure above to match your configuration.
The "FTPRoot" directory can be placed anywhere
on your system.

 
 


 
 

Figure 4
Figure 4 – Where to find the IIS Manager

3. Where to find the IIS Manager:

If you are using the new style Start menu, you can reach
the Internet Information Services console by clicking
“Start”, “Administrative Tools”
and selecting “Internet Information Services (IIS)
Manager” from the list in figure 4 above.

If you are using the “Classic” style Start
Menu, you can reach the console by clicking “Start”,
“Programs”, “Administrative Tools”
and select “Internet Information Services (IIS)
Manager” from the list in figure 4 above.

 
 


 
 

Figure 5
Figure 5 – Removing the Default FTP Site in
IIS 6

4. Removing the Default FTP Site in IIS 6:

The first task is to remove (delete) the Default FTP
Site. This site does not use Isolation and matches IIS5
FTP sites in terms of functionality and security. As
we are going to use Isolation, we will need to create
a fresh FTP site.

Simply right-click on the Default FTP Site and press
"Delete" in the menu that appears.

 
 


 
 

Figure 6
Figure 6 – Creating a fresh FTP Site in IIS.

5. Creating a fresh FTP site:

To create a new FTP site, simply right-click on "FTP
Sites" and select "New" and "FTP
Site…". Then, press "Next" to begin
the FTP Site Creation Wizard.

 
 


 
 

Figure 7
Figure 7 – FTP Site Creation Wizard: FTP Site
Description

6. FTP Site Creation Wizard: FTP Site Description

This is the name that will appear in the "FTP Sites"
list in IIS. I’m going to use my imagination and call
this site "FTP".

Click Next.

 
 


 
 

Figure 8
Figure 8 – FTP Site Creation Wizard: IP Address
and Port Settings

7. FTP Site Creation Wizard: IP Address and
Port Settings

Simply select your server’s IP address from the list
(this is usually the only one listed).

You can also change the TCP Port if required but this
is not recommended.

Click Next.

 
 


 
 

Figure 9
Figure 9 – FTP Site Creation Wizard: FTP User
Isolation

8. FTP Site Creation Wizard: FTP User Isolation

This screen allows you to choose the type of Isolation
you want to use:-

"Do not isolate users"
Although this option allows users to be "dropped"
into their own home directory (if one exists under the
FTP root that exactly matches their username), it’s
NOT able to stop them moving up out of their directory
and into those belonging to other users.

"Isolate users"
This option Isolates users based on the directory structure
under the FTP root directory (see Step 2). This is the
easiest of the two Isolation methods and the method
we will use in this tutorial.

"Isolate users using Active Directory"
This option Isolates users by getting their "FTP
Home Directory" from the Active Directory. The
advantage of this is that new users can be added without
the need to modify your FTP site. However, the "FTP
Home Directory" can not be entered using the Active
Directory snap in and must be configured from the command
line by using a VBScript utility.

As shown in Figure 9 above, select "Isolate Users"
and press "Next".

 
 


 
 

Figure 10
Figure 10 – FTP Site Creation Wizard: FTP Site
Content Directory

9. FTP Site Creation Wizard: FTP Site Content
Directory

This step defines the FTP Root directory. Select the
FTP Root directory you created in Step 2 (Figure 3).

 
 

 
 

Figure 11
Figure 11 – FTP Site Creation Wizard: FTP Site
Access Permissions

10. FTP Site Creation Wizard: FTP Site Access
Permissions

This step allows you to define read or write access
for your FTP site. In this case, I intend to allow files
to be uploaded so I’ve ticked the "Write"
box.

Click Next then click Finish to complete the Wizard.

Your FTP Site is now ready for use. To test it, simply
open Internet Explorer and enter the URL ftp://192.168.0.1
(or your Server’s IP address if different). You should
then log in and be automatically "Dropped"
into your home directory.

 
 
Categories: Windows ServerBookmark

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>