[This is preliminary documentation and subject to change]

Anonymous FTP Authentication

You can configure your FTP server to allow anonymous access to FTP resources. If you select Anonymous FTP authentication for a resource, all requests for that resource are taken without prompting the user for a user name or password. This is possible because IIS automatically creates a Windows user account called IUSR_computername, where computername is the name of the server on which IIS is running. This is very similar to Web-based Anonymous authentication. If Anonymous FTP authentication is enabled, IIS always try to use it first, even if you enable Basic FTP authentication.

To enable the anonymous FTP authentication method

Digest and Integrated Windows authentication cannot be used with FTP sites. Available authentication settings must be set at the site level for FTP sites.

  1. Create a Windows user account appropriate for the authentication method. If appropriate, add the account to a Windows user group. For more information about creating Windows user accounts, see Securing Your Files with NTFS.
  2. Configure NTFS permissions for the directory or file for which you want to control access. For more information, see Setting NTFS Permissions for a Directory or File.
  3. In the IIS snap-in, select a site, directory, or file, and open its property sheets.
  4. Select the Security Accounts property sheet, and select the Allow Anonymous Connections check box.
  5. In the Username and Password text boxes, enter the anonymous logon user name and password you want to use. The user name is the name of the anonymous user account, which is typically designated as IUSR_computername. Clear the Allow IIS to control password check box to change the password.
  6. Select the Allow IIS to control password check box to synchronize the password with the Windows user account.

  7. note Note    Password synchronization can only be used with anonymous user accounts defined on the local computer and does not work with anonymous accounts on other computers on the network.

  8. Select the Allow only anonymous connections check box to require all users to log on as anonymous users.
  9. Click OK.
  10. Set the appropriate NTFS permissions for the anonymous account. For more information, see Setting NTFS Permissions for a Directory or File.

important Important    If you change the security settings for your Web site or virtual directory, your Web server prompts you for permission to reset the security settings for the child levels of under that site or directory. If you choose to accept these settings, the child levels inherit the security settings from the parent site or directory. For more information about setting properties, see Configuring the Metabase.

© 1997-2001 Microsoft Corporation. All rights reserved.