Configuring FTP user isolation with AD integration
The FTP component of IIS6 in Windows Server 2003 lets you isolate the FTP home directories of users from each other so one user can't browse the contents of another user's home directory. In addition to the default No Isolation option, you can create new FTP sites that use one of two isolation methods:
- User Isolation
- User Isolation with Active Directory integration
While the second method is more secure and easier to manage, the problem is that setting it up involves modifying the AD schema and that's not something most admins are familiar with how to do. It can also be dangerous to modify the schema since making a mistake could have serious consequences for Active Directory.
Well it turns out that IIS MVP Chris Crowe has created a tool to help you set up FTP User Isolation with AD Integration using only a few clicks of your mouse instead of the script-based method (iisftp.vbs) that Microsoft includes with IIS6. You can download the latest version of this tool from Chris's blog.
MVP Windows Server