Active Directory-IIS5 FTP User cannot log in!! Pls Help

[PeteAce]

OK. This problem has been bugging me for a long time, I hope someone can help me out with it.

Basically I'm trying to get our Win2k domain controller with Active Directory IIS5.0 FTP working with windows user login (Anonymous disabled). Under "FTP Site Operators" in the Default FTP site Properties, I have added in the users that I want to give access to. When I try to log in from a FTP client with the username and password it would give me the error - 530 User [username] Cannot log in. I have even tried putting the users in a group, then add the group under FTP site operators and it still doesn't work. I have assigned proper permmission under NTFS folder level. It has only worked for me just this one time, but after I restarted the server it didn't work anymore.

My question is, is this the right way to assign my windows users to have FTP access? I have tested and verified that the default Administrators user could log in with no problem, but I don't want to start giving all my ftp users the administrator rights.

Please help

 

[PeteAce]

Based on the search and FAQ I found in this forum I have tried to assign "Log on Locally" and "Log on as Batch job" rights to the FTP users using Domain Controller security policy, local policy and Domain policy. I rebooted the server, and it still doesn't work!!! any other ideas!!?

 

[koquito]

Are those workstations, those users are using, using your DC DNS address? if not, make them use it A+, MCP, CCNA
marbinpr@hotmail.com

"I just know that I know nothing"
Socrates (469-399 B.C.E.)

 

[clodur]

Hi,
Unfortunately, if you are hosting your ftp site on a domain controller in Win2000, your ftp users will have to be able to logon to the DC, those users will need to be able to logon interactively on the DC.
Your only alternative is to host the ftp site on another machine that's not a DC.

 

[bbawkon]

Try having the users login using DOMAIN\USERNAME instead of just USERNAME. It worked for me.

 

[bschob]

I am having the same problem. It seems to work for the administrator accounts but doesn’t work for any users. If I make the user an administrator, they log in fine. I have tried using the domain\username and it does not work. Did anyone find a fix that works?

 

[qwert231]

So, you are supposed to put the users or group into Interactive mode? Or allow them to be? How do you do this?

 

[Mavtech]

I've been having this exact same problem. It only happened to me after installing Active directory. Then, I have to add the regular users to the Admin group. I can't figure it out.

 

[qwert231]

K, there is a knowledgebase article that answers this.

http://support.microsoft.com/default.aspx?scid=kb;

[LN];200475

Basically, FTP users need to be able to log into the machine Interactivly. What this means EXACTLY, I don't know. But what I do know, they need to have certain rights on the system, not just the domain. You can put all FTP users in a group, and apply the permissions in the KB article to the group, and take them out of the admin group. Whew... If anybody has any more precautions for this please post here.