Easy to set up Windows 2003 user isolation FTP site Considerations _win Server

Source: Internet
Author: User
Tags anonymous ftp site file transfer protocol port number
The installation of the FTP site seems to be not a difficult thing, we do not need the help of any external tools, only the use of Windows Server system with the IIS features, you can easily set up an FTP site. However, the FTP site installed in this way not only allows any user to anonymous access, but they can also the home directory of the FTP site to "read" and "write", so that the content stored in the FTP site is not security. So how can we make a successful FTP site, not allow users to access the home directory, but only access to the user's own directory? In fact, in the Windows 2003 Server IIS 6.0 system, we just need to take advantage of the newly added "Isolate User" FTP component, Makes it easy for users to access only their own directories.

To install the isolate users FTP component

Because the installation of the FTP site requires IIS6.0 support, and in the default state Windows 2003 server does not have the component installed, so in the installation of the FTP site with user isolation, we need to first install the IIS6.0 component, and the "Quarantine user" The FTP component was successfully installed, and the following is the specific steps to install the "Isolate users" FTP component:

First, in the Windows 2003 Server system, click the Start/Settings/Control Panel command, click the Add or Remove Programs icon in the Pop-up Control Panel window, and then in the Add or Remove Programs settings interface that appears later in the dialog box, add/ Remove the Windows Components button and go to an interface titled "Windows Component Wizard."

Second, in the Components list box, select the Application Server complex option and click the Details button, and then double-click the Internet Information Services (IIS) project in the Application Server Settings window that pops up, and go to Internet Information Services (IIS Property Settings box, select the File Transfer Protocol (FTP) service item (shown in Figure 1) in the Child components list of the Settings box, click OK, and then follow the wizard prompts to complete the FTP component with the isolate user feature.


Figure 1

  Create an FTP site user access account

In order to prevent ordinary users through anonymous account access to the FTP site, we set up the FTP site will certainly limit the access of anonymous accounts, only to allow specific users to access the content of the FTP site below. To this end, before the official installation of the FTP site, we need to create some user access account in the Windows 2003 Server system for the FTP site, users must create a good account in advance to login to the FTP site. When creating an FTP site User access account, we can follow these steps:

First in the server System desktop, click the start/Run command, in the pop-up System Run dialog box, enter the string command "Compmgmt.msc", click the Enter key, open the local Server System Computer Management window;

Second, in the display area on the left side of the Management window, double-click the Local Users and Groups option with the mouse. Below the expanded branch select the Users folder, and in the right display area of the folder, right-click the blank position, click New User from the pop-up right-click menu, and go to new user Create the window (shown in Figure 2);


Figure 2

Next, set up the user's access account and password information in the window, cancel the selected state of the "user must have this password at next logon" item, select the "Users cannot have this password" option and the "Password never Expires" option, and then click the "Create" button, In this way, a target user's account information even if created successfully. Similarly, we can create an account information for all users who need access to the FTP site.

  Create a directory corresponding to the access account

When you have created a user access account, what we need to do next is to create the home directory of the FTP site on the local hard disk of the server system, and the user accounts corresponding to each user account, to ensure that each user can only access his or her own directory at a later date, without having access to another user's directory.

In order to allow the establishment of a good FTP site with user isolation, we must follow certain rules to set up the site's home directory and user directory. First we need to set up a folder in the NTFS-formatted disk partition, such as "AAA", and use the folder as the home directory for the FTP site to be built;

Then go to the AAA folder window and create a subfolder in which you must set the subfolder name to "LocalUser" (The subfolder name cannot be set arbitrarily), and then open the "LocalUser" subfolder window. Then, in this window, create a personal folder that is the same as the name of each user account, for example, we can create a "AAA" subfolder for the "AAA" User (if the user account name is not the same as the user directory name, then users will not be able to access the content below their directory)

Of course, if we still want to set up a successful FTP site with anonymous login, then you must create a "public" subdirectory in the "LocalUser" folder window, and visitors will be able to browse to "public" when they log on anonymously to the FTP site. The contents of the subdirectory.

  Create a user isolation FTP site

Do the above preparation work, we can now formally set up with the "user isolation" function of the FTP site, the following is the specific steps to build:

First click "Start" in the system desktop, "programs, administrative Tools, Internet Information Services (IIS) Manager command, open the IIS console window, in the list area to the left of the window, right-click FTP site, and select New from the pop-up right-click menu. , FTP site menu command, go to the FTP Site Creation Wizard settings interface, click the "Next" button;

Second, enter the name information for the FTP site in the "FTP site description" interface that pops up. For example, you can enter the user quarantine site, continue clicking the Next button, and in the subsequent IP address and Port Settings page, set the IP address of the destination FTP site, and set the service port number to the default "21", then click "Next" button;

Then we'll see a setup interface titled "FTP user Isolation", select the isolate users item in the interface, and then go to the FTP Site Home Directory Wizard Settings window, click the Browse button, and from the folder selection dialog that pops up, create the "AAA" that you've created earlier. The folder is selected and imported, and then click OK, and when the wizard window asks us to set up FTP site access, we must select the Write item (as shown in Figure 3), and finally click the "Finish" button to end the setup of the FTP site.


Figure 3
When the FTP site is set up successfully, we might as well from another workstation in the local area network, the account "AAA" login into the FTP site just created, and then recreate a file in the corresponding directory. To verify that the document you just created is saved in the "AAA" subfolder, we may want to log in to the Windows 2003 server and check the "AAA" subdirectory under the "LocalUser" folder to see if there are any files that you have just built, and if you see them, That means that the FTP site with user isolation function has been erected successfully.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.