FTP website in IIS with anonymous authentication requires username and password

Question

I have a FTP website in IIS 8 that I want to expose to public (non-authenticated visitors) that is configured using the following settings from here:

No SSL
Authentication: Anonymous (Basic authentication is disabled)
Allow access to: Anonymous Users
Read permission selected

Whenever I try to connect to the website externally using the ftp://mysite.com address, I am always prompted with a dialog that says:

Authentication Required - The server ftp://mysite.com:21 requires a username and password

I've tried every credentials (even for the users that have read permissions to folder that the website is pointing to) and still nothing. Basic Authentication is disabled for the website.

How can I configure the FTP site in order to allow external read access for any visitor?

PS: it is okay even with a solution that implies Basic Authentication in place since I can provide the users with an account on the server for my purposes, but even with Basic Authentication enabled and providing the correct credentials, it failed to authenticate.

Regards, Ionut

score 8 · Answer 1 · answered Jan 27 '19 at 03:57

8

Four things to check:

FTP Authentication->Anonymous Authentication->Enable, then edit, User:IUSR Pass:<blank>
FTP Authorization Rules->All Anonymous Users->Read
FTP User Isolation->Do not isolate. Start in: FTP root directory
Add the "IUSR" account to the root directory NTFS Security Permissions with Read, Read and Execute, and List Folder Contents.

answered Jan 27 '19 at 03:57

Shogan Aversa-Druesne

309
2
3

Nope, still asks for password, and doesn't take lUSR as username when logging in either. – AgentFire Nov 06 '20 at 21:27
It is IUSR, as in India, Uniform, Sierra, Romeo. Do not use an L for Lima. – Shogan Aversa-Druesne Jul 26 '21 at 05:06
Add the "Everyone" account to the root directory NTFS Security Permissions with Read and Write also work. – kjian Jun 30 '23 at 04:34

score 4 · Answer 2 · answered Jan 28 '15 at 12:50

4

I've had the same problem as you. I've solved it by giving NTFS default read permission to "Everyone" on the desired folder.

answered Jan 28 '15 at 12:50

B. Rodrigues

59
2

2

That did it. My chosen physical folder location lacked the permissions. – Steve Sep 13 '15 at 00:16

score 2 · Answer 3 · answered Jul 31 '14 at 02:40

Below is a pretty thorough write up on enabling Public/Anonymous FTP in Windows Server 2008 through 2012R2. I would double check your settings in the FTP Authentication section.

http://www.iis.net/configreference/system.applicationhost/sites/sitedefaults/ftpserver/security/authentication/anonymousauthentication

score 1 · Answer 4 · answered Oct 11 '17 at 11:37

1

You must add Anonymous Rule access.

Enable & add new rule for Anonymous access: FTP Authorization Rules > Add Allow Rule > All Anonymous Users

answered Oct 11 '17 at 11:37

dns

2,753
1
26
33

score 0 · Answer 5 · answered Oct 15 '18 at 12:30

I had this issue when I'd used a mapped drive path (T:\ in my case) as the 'Physical path' for my FTP site.

Changing to using the full drive path (D:\etc\etc) fixed it:

As I understand it that issue is caused by how Windows marries up permissions between a mapped directory and the actual physical directory it's mapping to.

score 0 · Answer 6 · answered Jun 24 '21 at 01:32

0

Changing NTFS permission by adding everyone to the folder with all permission solved the issue for me.

answered Jun 24 '21 at 01:32

dejavu

19
6

FTP website in IIS with anonymous authentication requires username and password

6 Answers6

Linked