Launch an FTP site on Windows Server (intra)

Page updated : Friday, April 10, 2020

Prerequisites

The contents of this list are based on the following conditions:

Basic authentication only
Do not use SSL
Use port 21
Intranet work environment

Create an account for an FTP connection

Because i set up the connection by basic authentication this time, I create an account when I connect. You will create a Windows user account.

Right-click Start Menu and select Computer Management.

コンピューターの管理

Right-click User and select New User.

新しいユーザー

Specify the user name and password to use when connecting via FTP.

ユーザー名とパスワードを入力

The user is not logged on to Windows because it is used only for FTP connections. Double-click the user you created.

作成したユーザーをダブルクリック

Select the Groups to belong to tab and delete Users.

Users を削除

Create a folder to use for FTP destinations

Create a folder to use for uploading or downloading when you connect with FTP. You create a physical folder in Windows.

You can create anylocation you want. However, don't place susset anywhere that might change depending on your environment, such as folders associated with your Windows account. We are creating "C:\FtpFolder\".

FTP 用フォルダ作成

Set permissions so that your FTP account can access files in the folder. Open the properties of the folder that you want to use for FTP, and then click the Edit button from the Security tab.

セキュリティ - 編集

Click the Add button.

Specify the account for FTP that you created. (I think the server name in the figure is different, so please replace it with the target server name.)

アカウント指定

Select the account you registered and grant the Change permission.

変更の権限を許可

Just in case, place the files to verify that you are connected properly when you connect via FTP.

確認用のファイル配置

Building an FTP Server

Install the FTP server role on Windows Server.

Run Server Manager from the taskbar.

サーバーマネージャー

Click Add Roles and Features.

役割と機能の追加

Click Next.

開始する前に

Make sure that role-based or feature-based installation is checked, and then click Next.

インストールの種類の選択

Make sure that the server on which you want to install the FTP server role is selected, and then click Next.

対象サーバーの選択

Check Web Server (IIS).

サーバーの役割の選択

A confirmation dialog appears, and click the "Add feature" button.

Web サーバー (IIS)

On the Select Features screen, do nothing and click Next.

機能の選択

Click Next.

Web サーバーの役割 (IIS)

Check FTP Server.

役割サービスの選択

When you're done, click the Install button.

インストールオプションの選択

Wait for the installation to complete. Close the screen when the installation is complete.

インストールの進行状況

Building an FTP site

You have just installed the FTP feature, so you still can't access the FTP site. This is where you build the FTP site.

From Server Manager, select the Tools menu and select Internet Information Services (IIS) Manager.

ツール - インターネットインフォメーションサービス (IIS) マネージャー

Right-click Sites and select Add FTP Site.

サイト - FTP サイトの追加

Set the FTP site name to any one. Physical Path specifies the folder path for FTP that you created earlier.

サイト情報

Let's leave the binding as it is for now. I don't use SSL this time, so i'll check SSL for None.

バインドと SSL の設定

Since authentication is required for accounts, check only "basic".

認証および承認の情報

When you return to the IIS administration screen, double-click FTP IP Address and Domain Restrictions to open it. Here you can limit the IP addresses of pCs that you can connect to. This setting is optional.

FTP IP アドレスとドメインの制限

From the Action menu on the right, click Add Allow Entry.

許可エントリの追加

You can specify which IP addresses you can connect to here. In the figure, the IP address is "192.168.0.0" and the mask is "255.255.255.0", which can be accessed from 192.168.0 to 192.168.0.255. Check the meaning of ip addresses and masks.

許可の制限規則の追加

Then open FTP Authorization Rules. Here you can limit who can connect.

FTP の承認規則

From the Actionmenu on the right, click Add Authorization Rule.

許可規則の追加

You can set it anyway, but only FtpUser is available for FTP access here.

許可の承認規則の追加

Firewall settings

Configure the firewall so that ftp access is accessible from outside the server. For basic authentication that does not use SSL, add rules because they are not accessible in standard firewall settings.

From Server Manager, select the Tools menu and select Windows Firewall with Enhanced Security.

セキュリティが強化された Windows ファイアウォール

Right-click Inbound Rules and select New Rule.

受信の規則 - 新しい規則

Select Port.

規則の種類

Select TCP to set the port number to 21.

プロトコルおよびポート

Check allow connections.

You can check everything, but if it's intranet work, you can remove public.

プロファイル

Make the rule you added a descriptive name. This completes the construction of the FTP site.

Ftp connection verification

Try to see if it can be accessed via FTP from another PC. You can use tools and so on as long as you can connect with FTP. In the figure, you are accessing it using ftp commands. Check out the FTP commands for more information. Here's a simple step.

Launch command prompt
Type "ftp" to start using the FTP command
Connect to the server with open <server name>
Enter your user name
Enter your password
"ls" command displays a list of files and folders in the root folder
Disconnect FTP with quit

FTP 接続確認

Depending on the client, the firewall permission confirmation screen will be displayed, so you can leave it allowed.

クライアントのファイアウォール

Prevent sleep from being lifted on its own

Fix an issue where Windows Update can't run