The instructions describe the process of installing and configuring the FTP server on virtual machines run by the Windows Server 2016 operating system, setting up the work of the firewall and dividing the access area for different users.
What is it?
FTP (File Transfer Protocol) is an abbreviation of File Transfer Protocol. As the name implies, FTP is used to transfer files between machines on a network. You can use FTP to share files between a local PC and a remote server and to access online software archives.
Our manual will consider the option of installing an FTP server as an IIS web server role, alternatively, you can use other software, for example, FileZilla Server, Titan FTP Server, Home Ftp Server, Ocean FTP Server.
Installing FTP server on Windows server
Open the Windows Server Control Panel and find the Add roles and features.
As the installation type, specify Role-based or feature-based installation.
Select your server from the server pool.
In the next window, check the IIS web server.
In the window that opens, click Add features.
In the next window Features do not select anything.
Next in the Role services window, check the FTP server.
Install all selected features on the server using the Install button.
Creating an FTP site on a Windows server
Open IIS Manager. Right-click on Sites and select Add FTP Site from the menu.
Enter the site name and path to the directory.
Next, select your IP address in the drop-down list. For encryption, check No SSL.
In the next window, select Basic for authentication. Authorization – Specified roles or groups, enter the name of the group of FTP users (example of creation below). Check the desired read and write permissions and click the Finish button.
Your website will appear in the tree structure of the Windows web server.
Create user group
Creating a Windows group is necessary to determine the users who will have access to the ftp server. Open Computer Management. In the menu on the right, select Groups. Use the right mouse button to create a new group (New Group).
In the window that opens, enter the name of the group, a description if necessary. To add a user, click Add.
Enter a name in the input field, to check it, click Check Names. If Windows users exist, click Ok.
After everything is added, create a group using the Create button.
In order for each user to get to his own directory and not have access to other files after connecting to the server, it is necessary to set up isolation. To do this, open your ftp site settings and select FTP User Isolation.
Select the User name directory and click Apply.
Then, using the right mouse button, open the menu of your ftp site and select Add Virtual Directory.
In the Alias field, enter a nickname or name, in the path field enter the path to the user directory, to do this, create a subdirectory in the ftp site directory on your Windows server. Click Ok.
To configure permissions in IIS Manager, expand the hierarchical structure of your ftp server. Using the right mouse button, open the Windows virtual directory menu and select Edit Permission.
Click the Security tab and click the Advanced button.
In the window that opens, click the Disable inheritance button, select the first option in the new window, and then click Apply – Ok.
Return to the Security tab and click the Edit button.
Select the Users group in which all users are located and click the Remove button. This is necessary so that only the owner of the directory has access to it.
Now add a Windows user who will have full access to the directory. Click the Add button.
Enter the username of the virtual directory in the input field, to check it, click Check Names. If users exist, click Ok.
Next you need to add rights for complete control of the directory. Select the created user and check all fields Allow (Permissions).
Next, click Apply – Ok.
For an external connection to the ftp server, you must configure the firewall. To do this, open Windows Firewall with Advanced Security. In the vertical menu on the left, select Inbound rules, then in the vertical menu on the right New Rule.
In the window that opens, check the Predefined type and select FTP Server from the drop-down list. Click Next.
Tick all the lines and click Next.
In the next step, select Allow the connection and click Finish. For these rules to take effect – restart the server.
Connect to an FTP server
You can connect to an FTP server in several ways, for example, through the standard Windows utility – Explorer, or through the FileZilla program.
Consider connecting through Explorer. In the address bar, enter:
ftp: // ip address
The login and password input window will open, specify the connection data from the server control panel.
Note: The IIS web server allows you to flexibly configure the connection to the FTP server, for example, to divide the visibility of space for different users, to enable anonymous access and to configure permissions.
As a result, you will see the contents of the FTP server folder:
Note: the built-in ftp server of the IIS web server has many features, such as: user isolation, SSL support, restriction of login attempts to the server, logging with various parameters.