FTP with user isolation is a magic feature that microsoft introduced since IIS 7.5. It’s similar to chroot in linux that each user is jailed in each his own directory ;P. Each user’s directory is isolated from other users’ directories, so that other users’ cannot see each other’s directory which is a good security option.If you are looking for Graphical Method to setup FTP with user isolation in IIS console, there is my another blog post for that.
In this blog post, I will show you how you can script to automate this setup. It is quite a large script & I do not use IIS cmdlets that is available only in server Windows 8, Windows 10, Server 2012, Server2012R2 because IIS 7.5 which is available in Server 2008R2 do not have cmdlets to configure IIS specifically.. So, editing the IIS xml configuration is the way to go. If you are running the script on Server 2008R2, you need to install powershell 3.0 first (To install Powershell 3.0 on Server2008R2, you will need Server2008R2 SP1 with .Net framework 4.0 installed). I commented in the script before each sections so that powershell users can easily understand the code/logic. You can also create ftp administrator with -AdminIncluded option to browse the uploaded files in all directories. Also, don’t forget to run the script from elevated powershell command. Script is also provided in this post.
Example usages are:
1) To setup FTP user isolation with FTP Administrator account. FTP Site name is “My-First-FTP” and Port is 21. User name list is created under c:userlist.csv
.\Create_FTP_Local_User_Isolation.ps1 -FtpSiteName My-First-FTP -Port 21 -AdminIncluded -UserListCsv c:userlist.csv
2) To setup FTP user isolation without FTP Administrator account with the default site name,port and SSL.
.\Create_FTP_Local_User_Isolation.ps1 -RequireSSL -UserListCsv c:userlist.csv
I put some pictures for reference. I first run the script to create 4 ftp users. Then, I included Admin on the next run. See Fig-1.
You can download my script from github.