FileZilla Forums

to give you the general idea of what I'm trying to accomplish, here's the scenario...

We have a few web servers that have a bunch of websites on them (all running in IIS 6.0) and most of them have FTP sites associated with them so that the users with admin rights to each sites wwwroot folder can maintain their own code through an FTP client such as FileZilla. All the users with admin rights are granted those rights through an AD group in one of many domains. What we are trying to accomplish is to transform these sites into SFTP sites or FTPS sites (over port 22 instead of port 21) instead of FTP sites with little to no work on setting up additional site admin groups.

Basically what we're looking for is...

1) A product that will make our current FTP sites which run over port 21 to be SFTP sites or FTPS sites that run over port 22.
2) A product that integrates with AD so that no users or groups will need to be created manually...the product would simply mirror the folder permissions for each site at the wwwroot level on the web servers file system.

I'm assuming we can't just switch every FTP site on the server to port 22 then force all the end users in each of the sites admin groups to make their client FTP connection using SFTP or FTPS protocol from the FileZilla client can we? Wouldn't we need some type of product to install on the web servers that enables SSH or port 22 traffic for this to work?

Thanks for any recommendations!

SFTP and FTPS have nothing in common, they are completely different protocols. FTPS is actually regular FTP with a TLS wrapper. SFTP is not based on FTP at all and uses SSH for the encryption.

SFTP uses port 22.

Explicit FTPS (recommended) uses port 21, implicit FTPS (deprecated) uses port 990.



I've never used AD, so I've no idea.

Okay, so the websites in IIS are all behind an SSL cert which forces 128 bit encryption over HTTPS. However the FTP sites that that coincide with the websites just communicate over FTP using port 21.

Example:
Website is setup to D:\Sites\mywebsite.com\wwwroot running over port 443
FTP site is setup to D:\Sites\mywebsite.com\wwwroot running over port 21

How do I secure the FTP site? So that usernames and passwords are not sent over clear text when using an FTP client to transfer files to the D:\Sites\mywebsite.com\wwwroot directory?

Which FTP server software are you using?

IIS 6.0

This forum is for support with FileZilla and FileZilla Server.

I strongly recommend FileZilla Server over IIS FTP. IIS FTP has bugs and problems with resuming, for example. But FileZilla Server has no AD.

I don't know of a good free solution for your problems, sadly. The server I'm using (zFTP) has support for FTP, FTP(E)S, SFTP, as well as AD integration+Windows account impersonation. Not free, however.

My solution doesn't have to be free. This zFTP is it something I can install right on my Windows 2003 web servers? Will I have to recreate all the FTP sites currently in IIS in this zFTP application?

Compatible with Windows 98, 2000, 2003, Vista, 7.

If you're using Windows account integration, no.

I'd just recommend trying it out, you can activate a full featured test mode for 30 days. http://zftpserver.com

I hope botg doesn't mind the link. But it's not like he's losing paying customers, right.