Help with FTP

[TrevorUbi]

I am trying to set up a FTP site using Windows NT 4 with Server pack 6a and IIS4.

When I use the default settings, both for IIS and the NTFS permissions, I have no problems with folder access or even creating a new folder and posting a new file to the folder.

The problem starts when I start to apply security to the site. Firstly, If I take off the option to log in anonymously, and add for example a user to log on locally where the FTP site is, when I start IE and go to my FTP site, it askes for my user name and password. This I supply, but am unable to log on. Why?

The second problem is when the anonymous setting is replaced, I change the NTFS permissions on the folder I would like to make changes to. So for example, I change the everyone group to read at the root of the site, and I can read the folders and sub folders info OK. Say in the second subfolder, I would like to have control, so I remove the everyone group, and add my user account to the folder and make sure that I have full control. At this point, when I try to read the folder, I get error 550: access denied. I then re-add the everyone group as read only. Fine, I can now see the folder, but I am now unable to create an new folders with in this folder or add any file. This I know, as the everyone group in NTFS take presidant over any other settings. How can I get around this problem as well?

Any help on this matter would be grateful.

Regards

Trevor

 

[Shift838]

I've seen this problem many times. Your default logon domain is most likely not set right. To test this, try hitting the site again and when prompted for username and password enter your username as follows:

domain\username

 

[Shift838]

This is how you set the default logon domain in IIS:

To set the default logon domain

In IIS Manager, right-click the Web Sites folder, Web site, directory, virtual directory, or file, and click Properties.

**Note Configuration settings made at the Web Sites folder level can be inherited by all Web sites.

Click the Directory Security or File Security tab, depending upon what level you are configuring security settings.

In the Anonymous access and authentication control section, click Edit.

In the Authenticated access section, select the Basic authentication check box.

Because Basic authentication sends passwords over the network unencrypted, a dialog box appears asking if you want to proceed. Click Yes to proceed.

In the Default domain box, either type the domain name you want to use, or click Select to browse to a new default logon domain. If the Default domain box is filled in, the name is used as the default domain. If the Default domain box is left empty, IIS uses the domain of the computer that is running IIS as the default domain. IIS configures the value of the DefaultLogonDomain property, which determines the default domain used to authenticate clients accessing your IIS server using Basic authentication. However, the domain specified by the DefaultLogonDomain property is used only when a client does not specify a domain in the logon dialog box that appears on the client computer.

Optionally, you can enter a value in the Realm box, which configures the value of the Realm property. If the Realm property is set, its value appears on the client's logon dialog box, when Basic authentication is used. The value of the Realm property is sent to the client for informational purposes only, and is not used to authenticate clients using Basic authentication.

Click OK twice.