Setting FTP Site Authentication

  • Article

Applies To: Windows Server 2003, Windows Server 2003 with SP1

Based on your security requirements, you can select an IIS authentication method to validate users who request access to your FTP sites. To set FTP site authentication, choose from the following authentication methods:

  • Anonymous FTP authentication. This authentication method gives users access to the public areas of your FTP site without prompting them for a user name or password.

  • Basic FTP authentication.This authentication method requires users to log on with a user name and password corresponding to a valid Windows user account.

You cannot use Digest or Integrated Windows authentication with FTP sites, and you must set available authentication settings at the site level for FTP sites.

Enabling Anonymous FTP Authentication

You can configure your FTP server to allow anonymous access to FTP resources. If you select Anonymous FTP authentication for a resource, all requests for that resource are accepted without prompting the user for a user name or password. This is possible because IIS automatically creates a Windows user account called IUSR_computername, where computername is the name of the server on which IIS is running. This is very similar to Web-based Anonymous authentication. If Anonymous FTP authentication is enabled, IIS always try to use it first, even if you enable Basic FTP authentication.

For information about enabling Anonymous FTP authentication, see Configuring Anonymous FTP Authentication. For more information about creating Windows user accounts and setting NTFS permissions, see Securing Files with NTFS Permissions and Setting NTFS Permissions for Directories or Files.

Enabling Basic FTP Authentication

To establish an FTP connection with your Web server by using Basic FTP authentication, users must log on with a user name and password corresponding to a valid Windows user account. If the FTP server cannot verify a user's identity, the server returns an error message. Basic FTP authentication transmits the user name and password across the network in an unencrypted form.

For information about enabling Basic FTP authentication, see Configuring Basic FTP Authentication.