Re: IIS 6.0 FTP

Don't get us wrong. We are not questioning your integrity. We are purely
looking at the provided information, and from the information we see, it
does not look like the behavior of an IIS FTP server. By default, IIS FTP
server does not give out a banner that says it is Pure-FTPd, and I don't
believe that IIS FTP server would be able to output multiple 220 welcome
message. Could you disable the IIS FTP site and see if you still could
connect to it?


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:1D3E6765-48C3-4CAC-96A8-044FD95FD0EB@xxxxxxxxxxxxxxxx
Whether you and bernard want to believe it of not, I am using IIS 6.0. -
Microsoft would not use something else. This is a brand new server with
SBS
2003 premium edition installed on it. Nothing else. There are no other ftp
versions on there. I administer it through mmc - it states IIS version
6.0 -
I came up here seeking an answer to a problem, and all I am getting is a
questioning of my integrity. I do know what I am using - I do not know how
much more I can emphasize this!

"Jimmy Chu" wrote:

Doesn't it say Pure-FTPd from the banner? Doesn't this mean that you're
not
using the IIS FTP server?


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:3B07E1FF-C915-45A4-BA9F-A0113B99E21B@xxxxxxxxxxxxxxxx
Well IIS FTP does have such a feature, how to use it, I do not know.
That
was
the default. To be exact on what I am using:

Internet Information Services (IIS) Manager
Microsoft Corporation
Version: 6.0

This snap-in administers the Microsoft Internet Information Services
(IIS)

I get this error message in the event viewer/Security

The Security System detected an authentication error for the server
ldap/ftp2.Kilduff.local/Kilduff.local@xxxxxxxxxxxxxx The failure code
from
authentication protocol Kerberos was "The attempted logon is invalid.
This
is
either due to a bad username or authentication information.
(0xc000006d)"
I am using the correct password, I use it to connect via remote desk
top

"Bernard Cheah [MVP]" wrote:

220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 00:44. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity

Well, you do have a lovely banner msgs.... how do you get the user
number
(1
of 50) allowed?
I doubt IIS FTP has such feature.

next, general 530 error indicating login failed, that could due to
- username/password wrong
- local policy - access from network, etc not granted
Error message in IIS: "530 User <Username> cannot log in. Login
failed."
http://support.microsoft.com/?id=200475

--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:7223B5ED-6262-4E26-A4EC-F6039E5C3694@xxxxxxxxxxxxxxxx
In addition - it is IIS 6.0 running on Small Business Server 2003.

"dawber39" wrote:

This is what I get:
C:\Documents and Settings\HP_Administrator>ftp kilduff.com
Connected to kilduff.com.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 00:44. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.
User (kilduff.com:(none)): Administrator
331 User Administrator OK. Password required
Password:
530 Authentication failed, sorry
Login failed.
ftp>
And as it said - the logon failed, and it failed with several other
user
accounts too. Also my IP address is in the security directory.
Should
I
try
something else? I really appreciate your efforts here.

"Bernard Cheah [MVP]" wrote:

The reason for testing via ftp.exe is to see if your ftp server
is
working
correctly.
I understand your have the order entry program, but now - we need
to
check
if your ftp is working first.

So, go to the remote machine (which allow to connect to your iis
server), go
to command prompt
c:\>ftp yourftpserver
do you see login prompt?, try login, can you upload file?
post the output here.

The ftp server connection msgs you posted, doesn't look like IIS
FTP
to
me.
you sure you are using/connecting to IIS FTP?

--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:0BDF61DC-F975-4F58-9321-53C018532D87@xxxxxxxxxxxxxxxx
Yes, I only allow specific IP addresses to connect, as I did
with
IIS
4.0.
My
clients are using an order entry program created in Microsoft
access.
This
works in conjunction with a host program created in the same.
The
host
polls
the client folders in the FTP root directory. The Client enters
their
order,
hits the send button, the order entry program then opens the
ftp
connection
using the clients username and password, and uploads the order
to
their
respective folder. The host then pulls the order. None of these
clients
actually access the site by ftp.exe. All that is done within
the
order
entry
program. I have looked over the code within the order entry -
and
I
see
nothing that would interfere with its operation. Below is what
comes
up
when
I ftp into the site. I do not do much of that myself. This has
me
at
a
loss
here. They all have the proper permissions, their IP address is
in
the
directory security, and yet when I reboot, I have to enter the
syntax
I
mentioned in my first post, or I get the resulting error
message.
This
really
has me baffled. I got that idea from a help and support file in
Windows
server 2003 "Article 293637". It doesn't even say it applies to
IIS
6.0,
but
I tried it, and it worked. It gives no resolution. Well... this
is
what
comes
up. Any ideas?
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 10:03. Server port: 21.
220-This is a private system - No anonymous login
220 You will be disconnected after 15 minutes of inactivity.

"Bernard Cheah [MVP]" wrote:

I'm confused. Are you saying you have configured IP
restriction
and
only
allowed specific IP address to connect?
if yes, what's the problem now? user can't connect? post the
output
when
you
connect via ftp.exe

--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:312479F6-F23A-4F62-8CE2-600D82FAA11C@xxxxxxxxxxxxxxxx
In directory security, everyone is denied access, except the
Ip
addresses
of
my clients. This is the exact same way I had it set up on my
NT
4.0
running
IIS 4.0. I am really confused here, and I need this to run
smoothly.
There
is
no reason this should be happening that I can see. I have
even
gone as
far
as
to grant the clients full permissions, and I get the same
thing.

"Bernard Cheah [MVP]" wrote:

IP restriction setting keep coming back?

What if you go to IIS MMC, ftp site - directory
security....
remove
all
restriction, then close IIS MMC.
restart IIS service, then reopen IIS MMC. is the setting
still
there ?

if no, then reboot the machine, does the setting come back?
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://msmvps.com/blogs/bernard/


"dawber39" <dawber43@xxxxxxxxxxx> wrote in message
news:D824707E-865B-4DF3-9201-3925C27B3EE9@xxxxxxxxxxxxxxxx
Everytime my Server is rebooted, none of my ftp clients
can
get
through
until
I type these instructions from the command prompt within
the
inetpub\adminscripts directory.
cscript adsutil.vbs delete msftpsvc/<FTP site
number>/root/ipsecurity
net stop iisadmin /y
net start msftpsvc

Why do I have to keep typing this? Is there some kind of
security
update
that I can remove? I should not have to do this everytime
the
server
reboots.
If I dont, the client gets an error that reads:
"FTP Server could not create a client worker thread for
user
at
host
4.131.204.222. The connection to this user is
terminated.
The
data
is
the
error".
As soon as I type the above commands, it is okay. Is
there a
way
around
this? I appreciate any and all help.

Rick


















.