Converting an Existing FTP Site to Isolate Users Using Active Directory Mode (IIS 6.0)
You can convert an existing FTP site to Isolate users using Active Directory mode after you upgrade to Windows Server 2003. Before you convert an existing FTP site to the Isolate users using Active Directory mode, complete the following procedure.
To prepare to convert an existing FTP site to Isolate users using Active Directory mode
Plan user distribution over your network file server resources.
Create server shares and user directories for all users that have access to FTP.
Make sure to create a directory for anonymous access (if you want to enable anonymous user connections).
For each user, set the msIIS-FTPRoot and msIIS-FTPDir properties in Active Directory to point to the new home directory using Iisftp.vbs, by typing the following at the command line:
Iisftp.vbs /SetADProp UserName FTPRoot Server\Share
Iisftp.vbs /SetADProp UserName FTPDir Directory
For complete Iisftp.vbs syntax, see Setting Active Directory User Isolation Using Iisftp.vbs, or type Iisftp.vbs /SetADProp /?at the command prompt.
You can complete the conversion by using the FTP Site Creation Wizard (recommended), or by following the procedure below to configure the metabase.
To convert an existing FTP site to Isolate users using Active Directory mode
In IIS Manager, click the local computer, double-click the FTP Sites folder, right-click the FTP site that you want to convert, and then click Stop.
Move existing user content into the new directories.
Edit the metabase directory or use adsutil.vbs to configure the following metabase properties:
UserIsolationMode: Set to 2.
ADConnectionUserName: Set to a user that has permission to read Active Directory properties. Use Domain\UserNameformat.
ADConnectionPassword: Set to the password for the user in ADConnectionUserName.
DefaultLogonDomain: Set to the default domain name.
For the site root virtual directory: Set the Path property to an empty string, and add the value AccessNoPhysicalDirto the AccessFlagsproperty, using the | operator; for example: AccessFlags=AccessRead|AccessNoPhysicalDir.
AllowAnonymous, AnonymousUserName, and AnonymousPassword: See To enable anonymous access for the Isolate Users Using Active Directory FTP site earlier in this topic for information on how to set these properties.
Before you edit the metabase, verify that you have a backup copy that you can restore if a problem occurs. For information about how to do this, see Working with the Metabase.
In IIS Manager, click the local computer, double-click the FTP Sites folder, right-click the converted FTP site, and then click Start.