Launch an FTP site on Windows Server (Intra)

Page creation date : Tuesday, February 23, 2021

The contents of this page have been newly re-created on this page.

Prerequisites

The contents introduced here assume the following conditions.

Basic authentication only
Do not use SSL
Use port 21
Intranet work environment

Create an account with an FTP connection

This time, we will set up a connection by basic authentication, so create an account when connecting. You create a Windows user account.

Right-click Start Menu and select Manage Computers.

コンピューターの管理

Right-click Users and select New User.

新しいユーザー

Specifies the user name and password to use when connecting via FTP.

ユーザー名とパスワードを入力

Prevent users from logging on to Windows because they are only used with FTP connections. Double-click the user you created.

作成したユーザーをダブルクリック

Select the "Groups you belong to" tab and delete Users.

Users を削除

Create folders to use for FTP destinations

Creates a folder to upload or download when connected via FTP. You create a physical folder in Windows.

You can create it anywhere you want. However, don't use folders associated with your Windows account or other locations that may change depending on your environment. Here we are creating "C:\FtpFolder\".

FTP 用フォルダ作成

Set permissions to allow ftp accounts to access files in folders. Open the folder properties that you want to use for FTP, and then click the Edit button from the Security tab.

セキュリティ - 編集

Click the "Add" button.

Specifies the account for FTP that you created. (I think that the server name in the figure is different, so replace it with the target server name)

アカウント指定

Select the account you registered and allow the "Change" permission.

変更の権限を許可

Just in case, make sure you have a file in place to make sure you're connected properly when you connect via FTP.

確認用のファイル配置

Build an FTP server

Install the FTP server role on Windows Server.

Run Server Manager from the taskbar.

サーバーマネージャー

Click Add Roles and Features.

役割と機能の追加

Click Next.

開始する前に

Make sure role-based or feature-based installation is checked, and then click Next.

インストールの種類の選択

Verify that the server on which you want to install the FTP server role is selected, and then click Next.

対象サーバーの選択

Check web server (IIS).

サーバーの役割の選択

A confirmation dialog will be displayed, and click the "Add Function" button.

Web サーバー (IIS)

On the "Select Features" screen, click "Next" without doing anything.

機能の選択

Click Next.

Web サーバーの役割 (IIS)

Check ftp server.

役割サービスの選択

When you are done, click the "Install" button.

インストールオプションの選択

Wait for the installation to complete. Close the screen when the installation is complete.

インストールの進行状況

Building ftp sites

I just installed the FTP feature and still can't access the FTP site. In this section, you'll build an FTP site.

From Server Manager, select the Tools menu and select Internet Information Services (IIS) Manager.

ツール - インターネットインフォメーションサービス (IIS) マネージャー

Right-click Sites and select Add FTP Site.

サイト - FTP サイトの追加

Set the FTP site name arbitrarily. Physical Path specifies the folder path for FTP that you created previously.

サイト情報

Leave the bindings as they are. Since ssl is not used this time, check ssl as "no".

バインドと SSL の設定

Since authentication is required for accounts, check only "Basic".

認証および承認の情報

When you return to the IIS management screen, double-click FTP IP Address and Domain Restrictions to open it. Here you can limit the IP address of the PC you can connect to. This setting is optional.

FTP IP アドレスとドメインの制限

From the "Actions" menu on the right, click "Add allowed entry".

許可エントリの追加

Here you can specify the IP address that you can connect to. In the figure, the IP address is set to 192.168.0.0 and the mask is set to 255.255.255.0, which allows access from 192.168.0.0 to 192.168.0.255. Find out what your IP address and mask mean.

許可の制限規則の追加

Next, open FTP Authorization Rules. Here you can limit who can connect.

FTP の承認規則

From the "Actions" menu on the right, click "Add permission rules".

許可規則の追加

You can set it arbitrarily, but only FtpUser is available via FTP.

許可の承認規則の追加

Firewall settings

Configure the firewall so that ftp can access it from outside the server. For basic authentication without SSL, add rules because standard firewall settings do not allow access.

From Server Manager, select the Tools menu and choose Windows Firewall with added security.

セキュリティが強化された Windows ファイアウォール

Right-click "Rules of Reception" and select "New Rule".

受信の規則 - 新しい規則

Select Ports.

規則の種類

Select TCP and set the number of ports to 21.

プロトコルおよびポート

Check Allow connections.

You can check everything, but you can remove "public" if it is intranet work.

プロファイル

Make the rules you add a descriptive name. This completes the construction of the FTP site.

Ftp connection confirmation

Try to make sure that other PCs can access it via FTP. If you can connect via FTP, you can use tools, etc. In the figure, it is accessed using the FTP command. For more information, see ftp commands. Here are a few simple steps:

Launch command prompt
Type ftp to start using the FTP command
Connect to server with "open <server name>"
Enter a user name
Enter password
"ls" command displays a list of files and folders in the root folder
Disconnect FTP with quit

FTP 接続確認

Some clients will display a firewall permission confirmation screen, so allow it.

クライアントのファイアウォール

Schedule Windows Server Backup arbitrarily

Fix an issue where Windows Update can't run