Why I can not ftp to NT4(PDC) as a user? it works only as admin.

[Sina]

Hi everyone.

I have an NT server 4.0 (as a primary domain controller) and need to give a user ftp access to the ftproot.

the users is simply a domain user with no special rights. However when I try to login as his Id I can not login. But when I make him a member of Admin, he can login.

I have looked at the ftp (on IIS) and everything is the default. Anonymous user can login with a dummy password.

Also the ftproot has permission set to (full controll) for everyone. So anyidea.

I know that on other servers, the user can login as long as he/she is a member of local server. (server is not a pdc).

But in this case how can I have this users be a local user?

Any help.
Basically I need to get this user login via ftp so he can copy files.

Thank you all.

TeamLinux@hotmail.com

 

[GregBVH]

I am not positive, but my guess would be that on domain controllers only admins can logon locally, so I think it might be thinking that a ftp logon is somehow logging onto that computer not just accessing files and requiring him to have the logon to this computer right which the admin group has.

 

[Sina]

Hi Greg,
I think you are right, since the ftp use id can not logon locally, I guess that is not possible.

But in this case, how would you give some one ftp access without giving the admin rights?

Thank in advance.

 

[Ulaa]

Does the user have to know what he/she is FTP'ing?. Set up a folder on their machine, setup a scheduled FTP session useing whatever account you want. Have the FTP session scan and upload the contents of the folder every fifteen minutes or so. This would of course only work if the source and destination were fixed.

However if you need to be more flexible than that, setup the ftp, give the user account admin access (without telling them) and set the root to the toplevel acces they need to have. They cant go higher in the filesystem than the root, only lower. So if you set the root for the FTP as C:\folder1\folder2\folder3\This is the Root Folder. They can never go higher even tho they have the logon access required.

Another alternative is to create an account in User manager, call it "FTP Service" Give it admin and logon rights ONLY to the server that you are pointing it at.

Theres a couple of ways to do it .

I hope this was of some use.

 

[GregBVH]

I would be inclined to use a different machine other then NT server for the FTP server, Either Linux or a simple workstation machine then simple map a drive to the local of the info you want available.

 

[bigmack]

In order for users to gain access to the ftp. They must be created on the pdc. In addition to that they must have log on locally privileges. After all that log of the server and then log back on to the server using the username and password of the client you just created. Each user that wants ftp access must log on to the server once in order for ftp to work for them. When that is all done users do not have to have admin privileges, you can administer users however you want.