Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Saturday, December 12, 2009 3:49 PM
This is the first time I have ever setup IIS, I have been extremely impressed on how easy it is to get going on the whole, however I have hit one problem I have gone to the furthest lengths to fix myself and I just cant work it out! The FTP service, despite following good guides on this website, refuses to work for me! No matter what I do with permissions (even allowing Anonymous Login) I get this error: "Response: 530 User cannot log in, home directory inaccessible." Process Monitor Output: http://img121.imageshack.us/img121/8315/ftpissue.jpg I am just trying to get Basic Authentication working with Windows Users. I cannot make sense as to why there is no error. (Using IIS from within Windows 2008, not from iis.net) Any troubleshooting assistance is most appreciated! Thanks -- Chris
All replies (18)
Sunday, December 13, 2009 9:27 PM âś…Answered
In new ftp, you need to configure authorization before any access. and now it supports both Windows and IIS users, giving you more flexibility. For the folder direction, you must have add it to default web site (ftp publishing) I suggest you read the articles here to know more about this new ftp component from MS.
http://learn.iis.net/page.aspx/356/ftp-7-for-iis-70/
Sunday, December 13, 2009 1:54 AM
That will be IIS 6, are you using any ftp user isolation feature?
The best way to trace this is still via filemon or procmon, this will shows where IIS is sending the user to. Don't filter the procmon first, i think you can look at where IIS is sending the user to.
Sunday, December 13, 2009 9:17 AM
It is actually IIS 7.5 I believe. Im running Server 2008 R2. [This is the HTTP to the server: http://www.cubicintellect.com/\] Ill get hold of filemon and see what's happening, thanks so far!
Sunday, December 13, 2009 9:42 AM
Ok ive re-looked at procmon and its file summary etc. It turns up nothing useful it seems, here are a number of screenshots I have produced to see if you can see the problem?
Much Appreciated.
Chris.
Sunday, December 13, 2009 10:38 AM
I have deleted IIS, removed the inetpub folder and re-installed to ensure everything was at default settings.
I then added FTP to the default site, again with the same 503 Error:
C:\Users\Administrator>ftp 127.0.0.1
Connected to 127.0.0.1.
220 Microsoft FTP Service
User (127.0.0.1:(none)): rubix
331 Password required for rubix.
Password:
530-User cannot log in, home directory inaccessible.
Win32 error: Access is denied.
Error details: Authorization rules denied the access.
530 End
Login failed.
ftp>
However if I add an allow rule in "FTP Authorisation Rules" for "All Users" I can login with the same credentials. (IIS is sending the users to the correct location: "C:\inetpub\wwwroot" ?? Any Ideas because im completely confused. I dont have anything critical running on the server so if someone would like to look at it via RDP id like to PM the credentials. [Edit] If I allow the group "Administrators" which "rubix" is a member of, it allows the login also. But if I specify the user "rubix" as the only allowed user I get the above error.
Monday, December 14, 2009 9:52 AM
Ok thank you, maybe I have missed something then! Thanks for your patience.
Thursday, January 28, 2010 5:41 AM
Hello I have exactly the same problem on Win 2008 R2. I could make an FTP publication on a first website but when I try to configure the FTP publication for a second website, it doesn't work... Here the error message from the CMD ftp connection: 530-User cannot log in, home directory inaccessible. Win32 error: Access is denied. Error details: Authorization rules denied the access. Any idea? Thank for your support
Thursday, January 28, 2010 10:43 AM
Hello I have found an error message telling that the second website ftp publication uses the same port (21) than the first website ftp publication... Does it mean that we cannot use the same FTP port for all the websites publication? If so, well, this feature is useless and I'll use Serv-U ftp server again as I did for all my IIS 4, 5 & 6 servers Regards
Monday, February 1, 2010 8:25 PM
when you got authorization error, check if you have authorize those user access in ftp authorization. for multiple ftp site on the same IP/port binding, look at the ftp virtual host name feature in the new IIS 7.5 release, you can read more from the link I posted earlier...
Tuesday, February 2, 2010 3:51 AM
Hello qbernard Thank you a lot for your help I followed your instructions but now I have this error message : 503 Login with USER first. This is beginning to sound crasy to me. I don't understand why geting a working ftp server is such a pain! Cheers
Tuesday, February 2, 2010 4:07 AM
I have solved my problem The "|" caracter between the hostname and the username was missing in my ftp client software credentials. Thank you all for your help Regards
Friday, February 5, 2010 10:11 AM
wow! and you didn't see that missing in the log file? mmm....
Wednesday, December 29, 2010 9:09 AM
I had same problem and i found solutin. I added AD user (e.g. "[email protected]"), but i didn't fill in the form domain path, I wrote only "ftpuser" and that was the reason. Every user from AD can log in to FTP server, but none has authorization on FTP directory. So there is important correct name in Authorization. (there is not classic windows AD users dialog) :(
Monday, January 3, 2011 3:12 AM
Oohh :) you on R2 as well or ? you can check the ftp log file on who is loggin in /etc.
Wednesday, December 7, 2011 2:03 AM
For anyone still looking the solution was easier than I thought it would be, but took quite awhile to find the thing.
Solution is to goto the command line and input "iisreset" for the command. Essentially, the issue is the cache in the system does not clear out unless you do the reset. Article below helped me figure that out.
MS Article:
http://support.microsoft.com/kb/932448
Monday, December 12, 2011 10:04 PM
@@ that's token cache, i think default ttl is 900 secs.
Wednesday, May 16, 2012 1:10 PM
Hi, I ran into the same issue. I set it all up correctly with our domain etc. Here's a trick I found, not sure if it pertains to this: When you go to add authorization rules for each user or a group of users enter in the users with no spaces eg. user1,user2,user3 I did that and Viola! It worked! Apparently IIS isn't smart enough to ignore spaces.
Thursday, June 21, 2012 8:21 PM
Mmm... I thought the form did a simple check before it accepts the value ?