How to create FTP folders for users in IIS 5.0

This article describes how to create FTP folders for users in Microsoft Internet Information Services (IIS) 5.0. After you follow the steps in this article, users can access their own FTP folder. However, they cannot access the root FTP folder or the folders for other FTP users.

To create an FTP folder for a particular user, follow these steps. These steps use the default FTP site. However, you can follow these steps for any FTP site.

1. On the hard disk on which IIS 5.0 is installed, create a folder that is named FTPusers. For example, create the C:\FTPUsers folder.
2. In the folder that you created in step 1, create a subfolder for each FTP user. For example, create the C:\FTPusers\User1 subfolder and the C:\FTPUsers\User2 subfolder.
   
   Note The FTP user must have both an account on the local computer and the Log On Locally permission. User1 is the exact name that is used by an FTP user to log on to the FTP site.
3. Set the following permissions on the folder that you created in step 1:
   • Administrators: Full Control
   • Everyone: Read
   • System: Full Control
4. Set the following permissions on the folders that you created in step 2:
   • Administrators: Full Control
   • IUSR_ComputerName : Read and Execute
   • System: Full Control
   • User: Full Control
   Note ComputerName represents the name of the server that is running IIS, and User represents the name of an FTP user.
5. Start Internet Services Manager, and then modify the content directory for the default FTP site to C:\inetpub\ftproot\FTPusers.
6. In Internet Services Manager, create a new FTP virtual directory for each FTP user. The new FTP virtual directory must point to the folder that you created for the user in step 2. Name each virtual directory exactly the same name as each user account that is used to log on to the FTP site. To do this, expand FTP Sites, right-click Default FTP Site, point to New, and then click Virtual Directory. Follow the steps in the Virtual Directory Creation Wizard.
7. On the Security Accounts tab for the default FTP site, make sure that the Allow anonymous connections check box is cleared.
   
   Notice that this option lets the user log on to that virtual directory by using Clear Text authentication. When that user logs on to the FTP site, the virtual directory that is set up is the root directory for that user. Only that user has rights to the virtual directory.
   
   Important When you use Clear Text authentication, passwords are sent in clear text and are not encrypted. This method may create a security vulnerability. For more information about security, visit the following Microsoft Web site:
   http://www.microsoft.com/security (http://www.microsoft.com/security)