Authentication in IIS FTP site

[WANguy2k]

I have an FTP site running on IIS4. The FTP site is outside my domain in a DMZ. Problem is, I want to allow anonymous access (which works) as well as access to some secure folders. When I try to apply security to sub-folders of ftproot (by removing all access except the local administrator and another local user), anonymous users can still access the folders. Also, I try to use WS_FTP to login to the site as administrator, and I get access denied, so I can't upload or download any files. Login locally is on the accounts I'm testing with. Any suggestions?

 

[chester27]

At the top level, check the box for Anon access, and to any lower folders to. On the folders you want only certain access click on thier properties and turn off anon access, and tick the box for basic authentication, or windows intergrated.

 

[WANguy2k]

It doesn't seem to work: I allow anonymous access to the site through the IIS manager. Then I create a sub-folder called PUB, designate it as a virtual folder and allow anonymous access to it also. Then another sub-folder called JKrowiak under that. I go into explorer, and delete Everyone's read access to that folder. Now I open a browser (from a remote network), and can access the site in read only. When I click on JKrowiak, I get "the page cannot be displayed", no logon prompt. In fact, I cannot get a logon prompt even if I turn off anonymous access to the whole site. If I use WS_FTP to try to logon to the site, it won't accept a logon even as administrator.

Do you know what ports/protocol are involved in logging on to an IIS ftp site? Could my firewall be allowing FTP access but not the ports required for login?

 

[chester27]

Try removing the system account from the permissions on the directory you want to secure.