Setting Active Directory User Isolation Using Iisftp.vbs (IIS 6.0)

You can use the command-line script iisftp.vbs, which is stored in systemroot\System32, to query and set Active Directory directory service properties for a user's File Transfer Protocol (FTP) home directory. For more information on user isolation, see Isolating FTP Users.

  Important

You must be a member of the Administrators group on the local computer to run scripts and executables. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run your script or executable as an administrator. At a command prompt, type runas /profile /User:MyComputer\Administratorcmd to open a command window with administrator rights and then type cscript.exeScriptName (include the script's full path and any parameters).

This topic includes the following information:

Syntax: The order in which you type a command and any arguments and options that follow it.

Parameters: The values that are given to variables in the command.

Examples: Sample code and an explanation of the results.

Syntax

iisftp /GetADProp UserID [/s Computer [/u [Domain\]User /p Password]]

iisftp /SetADProp UserID {msIIS-FTPDir|msIIS-FTPRoot} PropertyValue [/s Computer [/u [Domain\]User/p Password]]

Parameters

/GetADProp

Returns property values for a specific Active Directory user.

/SetADProp

Sets the property values for a specific Active Directory user.

UserID

Required. Specifies the logon ID of the Active Directory user.

msIIS-FTPDir|msIIS-FTPRoot

Required to set the home directory properties. Specifies isolation at either the directory or root level.

PropertyValue

Required to set the home directory properties. Specifies the value of the home directory and relative path.

/sComputer

Specifies the name or IP address of a remote computer (with no backslashes). The default is the local computer.

/u[Domain\]User

Connects to the Active Directory with the permissions of the specified user account in the user or domain\user format. This account must be a member of the Administrators group on the remote computer. By default, the script runs with the permissions of the current user of the local computer.

/pPassword

Specifies the password of the user account that is specified in the /u parameter.

Examples

Example 1:

The following example returns the Active Directory properties of user "BSmith" on the local computer:

iisftp /GetADProp BSmith

In response, iisftp displays the following message, which is followed by the Active Directory properties for BSmith in the default domain. In this example, "Server" represents the machine name where drive D: is found, "Site Name" is the name you assigned to the FTP site, "Metabase Path" represents the metabase key assigned by IIS, "IP" is unassigned by default, "Port" is set to 21 by default, "Root" is the directory where the FTP files reside, "IsoMode" is set to "FTPRoot", and "Status" is set to "STARTED" by default.

Connecting to server ...Done.

Server = FTPServer

Site Name = Smittys

Metabase Path = MSFTPSVC/1452008083

IP = ALL UNASSIGNED

Port = 21

Root = D:\Public\Archives

IsoMode = FTPRoot

Status = STARTED

Example 2:

The following example sets the home directory properties in the Active Directory User object properties for user "Sales\MJones" on a remote computer:

iisftp /SetADProp Sales\MJones FTPDir MikesDir /s SVR16 /u Sales\Admin6 /p p@ssWor#

In response, iisftp displays the following message, which includes the Active Directory properties for MJones. In this example, "Server" represents the machine name where drive D: is found, "Site Name" is the name you assigned to the FTP site, "Metabase Path" represents the metabase key assigned by IIS, "IP" is unassigned by default, "Port" is set to 21 by default, "Root" is the directory where the FTP files reside, "IsoMode" is set to "FTPDir", and "Status" is set to "STARTED" by default.

Connecting to server ...Done.

Server = SVR16

Site Name = MikesDir

Metabase Path = MSFTPSVC/1452004045

IP = ALL UNASSIGNED

Port = 21

Root = D:\Public\Archives

IsoMode = FTPDir

Status = STARTED

Related Information

For information on creating FTP configurations, see Creating FTP Sites Using Iisftp.vbs.

For information on deleting FTP configurations, see Deleting FTP Sites Using Iisftp.vbs.

For information on starting FTP sites, see Starting FTP Sites Using Iisftp.vbs.

For information on stopping FTP sites, see Stopping FTP Sites Using Iisftp.vbs.

For information on pausing FTP sites, see Pausing FTP Sites Using Iisftp.vbs.

For information on listing FTP sites, see Listing FTP Sites Using Iisftp.vbs.



© 2016 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies
Microsoft