Launch an FTP site on Windows Server (intra)

Page update date : Friday, February 17, 2023

Page creation date : Tuesday, February 23, 2021

The content of this page has been reworked in this page .

precondition

The contents introduced here are premised on the following conditions.

Basic authentication only
Do not use SSL
Use port 21
Intranetwork environment

Create an account for the FTP connection

Since you will set up a connection by basic authentication this time, create an account when connecting. You create a Windows user account.

Right-click on "Start Menu" and select "Computer Management".

コンピューターの管理

Right-click Users and select New User.

新しいユーザー

Specifies the user name and password to use when connecting by FTP.

ユーザー名とパスワードを入力

Prevents the user from logging on to Windows because the user you create will only be used for FTP connections. Double-click the user you created.

作成したユーザーをダブルクリック

Select the Groups I belong to tab and delete Users.

Users を削除

Create a folder to use for the FTP connection destination

Create a folder to use for uploading or downloading when you connect by FTP. You create a Windows physical folder.

You can create it anywhere you want. However, don't use folders tied to your Windows account or anywhere else that might change depending on your environment. Here we are creating "C:\FtpFolder\".

FTP 用フォルダ作成

Set permissions so that the FTP account can access the files in the folder. Open the properties of the folder you want to use for FTP and click the Edit button from the Security tab.

セキュリティ - 編集

Click the Add button.

Specifies the account for the FTP that you created. (I think that the server name in the figure is different, so please replace it with the target server name)

アカウント指定

Select the registered account and allow the "Modify" permission.

変更の権限を許可

Just in case, place a confirmation file to make sure you are connected properly when you connect by FTP.

確認用のファイル配置

Building an FTP server

Install the FTP server role on Windows Server.

Run Server Manager from the taskbar.

サーバーマネージャー

Click Add Roles and Features.

役割と機能の追加

Click Next.

開始する前に

Ensure that Role-Based or Feature-Based Installation is checked, and then click Next.

インストールの種類の選択

Ensure that the server on which you want to install the FTP server role is selected, and then click Next.

対象サーバーの選択

Check Web Server (IIS).

サーバーの役割の選択

A confirmation dialog is displayed, so click the "Add Function" button.

Web サーバー (IIS)

On the "Select Function" screen, do nothing and click "Next".

機能の選択

Click Next.

Web サーバーの役割 (IIS)

Check FTP Server.

役割サービスの選択

When you are done checking, click the "Install" button.

インストールオプションの選択

Wait until the installation is complete. Close the screen when the installation is complete.

インストールの進行状況

Building an FTP Site

Since you have just installed the FTP feature, you still don't have access to the FTP site. In this section, we will build an FTP site.

From Server Manager, select the Tools menu and select Internet Information Services (IIS) Manager.

ツール - インターネットインフォメーションサービス (IIS) マネージャー

Right-click Sites and select Add FTP Site.

サイト - FTP サイトの追加

Set the FTP site name to arbitrary. For Physical Path, specify the folder path for FTP that you created earlier.

サイト情報

I'll leave the binding as it is for now. Since SSL is not used this time, SSL is checked to "None".

バインドと SSL の設定

Since authentication is mandatory for the account, check only "Basic".

認証および承認の情報

When you return to the IIS Shopify admin, double-click FTP IP Address and Domain Restrictions to open it. Here you can limit the IP addresses of the PCs you can connect to. This setting is optional.

FTP IP アドレスとドメインの制限

From the Actions menu on the right, click Add Permission Entry.

許可エントリの追加

Here you can specify the IP addresses that can be connected. In the figure, the IP address is "192.168.0.0" and the mask is "255.255.255.0", so the range that can be accessed is "192.168.0.0 ~ 192.168.0.255". Find out for yourself what IP addresses and masks mean.

許可の制限規則の追加

Next, open FTP Authorization Rules. Here you can limit who can connect.

FTP の承認規則

From the Actions menu on the right, click Add Authorization Rule.

許可規則の追加

You can do it arbitrarily, but only FtpUser can access it by FTP.

許可の承認規則の追加

Firewall settings

Configure the firewall settings to allow FTP access from outside the server. For basic authentication without SSL, add a rule because it is not accessible with standard firewall settings.

From Server Manager, select the Tools menu and select Windows Firewall with Advanced Security.

セキュリティが強化された Windows ファイアウォール

Right-click Inbound Rules and choose New Rule.

受信の規則 - 新しい規則

Select Ports.

規則の種類

Select TCP and set the port number to 21.

プロトコルおよびポート

Check "Allow connection".

You can check all of them, but if it's an intranetwork, you can remove "public".

プロファイル

Keep the name of the rule you added descriptive. This completes the FTP site building.

Verifying the connection by FTP

Try to see if you can access it via FTP from another PC. If you can connect via FTP, you can use tools and so on. In the figure, it is accessed using FTP commands. For details on how to use it, please check "FTP command". Below are the simple steps.

Launch Command Prompt
Type ftp to start using the FTP command
Connect to the server with "Open < Server Name >"
Enter your username
Enter Password
Use the "ls" command to display a list of files and folders in the root folder
Disconnect FTP with "quit"

FTP 接続確認

Depending on the client, the firewall permission confirmation screen will be displayed, so allow it.

クライアントのファイアウォール

Schedule Windows Server backups arbitrarily

Fix Windows Update stops running