Posted by arlene

To manage the basic FTP server on a Windows Server 2003 system, follow these steps:

1. Click Start, All Programs (Programs for Windows 2000) Administrative Tools, Internet Services (IIS) Manager.
2. The MMC console starts with the IIS snap-in. Click on the IIS server you want to manage (in this example, FTP sites).
3. Right-click on the FTP site you want to manage (the Default FTP site in our example) and select Properties.

The properties pages for the FTP server can then be used to configure the server.

The Default FTP Site Properties page appears in this figure with the first tab (FTP Site) selected. You can use the Description field to change this from default to a more meaningful name. This can be useful if you’re using the MMC to manage multiple FTP sites on the same server or on other servers. The IP Address field can be used to select an IP address that the FTP service will use when listening for incoming requests, and the TCP Port field can be used to set which TCP port will be used for the service. In this example, the standard TCP port number of 21 is shown.

Other fields on this tab are fairly self-explanatory, enabling you to set the maximum number of users that can be connected to the server simultaneously and the number of seconds after which an idle session will be automatically disconnected from the server. At the bottom of this first property page, you can also enable logging for the service. The Active Log Format drop-down menu enables you to choose from

• Microsoft IIS Log File Format—This is a standard ASCII text file format. If you use this format, the information that’s stored in the log file is fixed.
• W3C Extended Log File Format—This also is an ASCII text file, but one that you can customize to select what events to log. This is the default format for the IIS FTP server.
• ODBC Logging—This can be used to direct logging data to an ODBC-compliant database.

The Properties button to the right of this drop-down menu enables you to further configure properties for the log file. For the Microsoft IIS log file format, there’s not much you can configure. The data that is written to the log file is a standard set of data. You can use the Properties button to configure when a new log file is created—this can range from hourly, daily, weekly, or monthly. Or you can set a maximum size to which the file can grow before a new file is created. Additionally, you can set the location of the log file. The default is %WinDir% \ System32 \ LogFiles, where %WinDir% is a variable that resolves to the Windows system directory.

For the W3C extended log file format, you have many more options. In addition to being able to configure the same options about how or when a new log file is created and the location of the log file, this format has an additional tab labeled Advanced.

There are far too many data items to discuss but you need to be aware that you can create a customized log file that stores just the information you need. You might find that on an anonymous FTP server, you don’t care much about what data is stored in the log file, whereas on a server that provides for a secure logon, you might want to collect extensive data about the users of your system. To find out the meaning of each of these logging options, click the Help button and a brief description of each item will be displayed.

Caution.

When using an FTP server that requires authentication using a username/password, you can usually be sure that a malicious user won’t abuse your site. However, when using anonymous FTP, you need to be aware that a simple hack is to use this anonymous account to fill up the allocated space so that other users cannot use the anonymous login.

Other tabs on the FTP Site Properties page include

• Security Accounts—Use this tab to allow or disallow anonymous access to the FTP server. If you allow anonymous FTP connections, you also can configure the user account that will be used for these connections.
• Messages—This tab enables you to input text that’s presented to the user when logging in to and upon exiting the service. You also can enter a message that will be displayed to users who try to log on to the server when the maximum number of user sessions has already been reached.
• Home Directory—This tab enables you to configure the home directory for this FTP service. You can select a directory that’s local to the server or a directory that’s offered as a file share from another computer. If you choose the file share option, you’ll be prompted to enter authentication information needed to connect to the file share. The default directory is c: \ inetpub \ ftproot. Here you can select whether the directory can be read, written to, or both. You also can select to allow logging for this directory. Finally, this tab can be used to specify how directory listings are displayed to users. You can choose between the standard MS-DOS format and the standard Unix format.
• Directory Security—This tab is important because it enables you to decide which computers (or IP addresses) will be allowed to connect to the service. You can choose to allow all computers access and then specify a number of specific computers to exclude from access, or you can choose to deny access to all computers and then add in only those specific addresses you want to allow to use the service.

Note

When using the Directory Security tab to allow or deny access to the FTP service, remember that some computers use a proxy server. This is typically found when the computer to which you want to grant access is on the other side of a fire- wall. In this case, the address of the firewall (acting as a proxy server) uses its address when sending connection requests instead of the actual address of the client computer. If you allow (or deny) access in this manner, any computer that uses the proxy server will be allowed (or denied) access.

1. As you can see, the FTP service enables you to control who can access your server and to log each visit in detail. You can create additional FTP sites on the same computer. For example, if you have multiple network adapters or if you assign multiple IP addresses to the same adapter, you can create additional FTP sites on the same server. To add additional FTP sites on this server:
2. Highlight the computer server’s name in the left pane of the MMC console. Click on Action, select New, and then FTP Site.
3. A wizard appears and prompts you through creating the site, enabling you to enter the necessary information, such as a description of the site, the IP address to use, and so on.

Of course, after you’ve created an additional site, you can further refine how it operates by using the properties pages for that site.

Possibly related posts: (automatically generated)
Managing the FTP Service on Windows Server 2003

• Installing DNS on a Windows Server
• The Active Directory Service and Windows Server 2003
• Windows Internet Name Service part 1
• The Active Directory and Dynamic DNS continue...
• The Active Directory and Dynamic DNS
• Improving Security
• Managing the Windows 2000 WINS Server
• Installing and Configuring a DHCP Server on
• Network and Programming: the .Net framework
• Managing on Windows 2000 Server Telnet Server
• Should You Continue to Use Windows 2000 Professional or Move to Windows XP Professional?