Microsoft
Software
Hardware
Network
Question : Event ID 13, Could not access the home directory
First let me say my FTP Site with Active Directory User Isolation has functioned in the past until recently. Even now the behavior is very strange.
* I can still login with no issues
* A service account that was able to login previously with no issues, is no longer able to login , home directory inaccessible.
* New User accounts I create cannot access their home directories.
Here is my work flow for creating new users in ADUC and allowing them access to
FTP
.
1. Create new domain user account
2. Open domain User Account Properties, Select Member Of tab, add them to the FTP User Group
3. Open ADSI Edit, add entries for the users FTP root directory and folder.
4. Navigate to the ftp server, create the user home folder
5. Verify read, write, modify access on FTP
This is the folder structure that allows the user access
[ftp server]
Inetpub
- FTPROOT (FTP Users have full control over this directory)
- [User Directory]
All FTP user home directories are in this folder
So for ADSI Edit entries I would have
msIIS-FTPDir \[foldername] (I create this folder when needed)
msIIS-FTPRoot \\[servername]\ftproot\ (does not change for any user)
Notable items
* The local Administrator password was changed within the last 2 weeks
*The service account (used to move backups to the ftp) could no longer move the backups as of about 2 weeks ago
* I have tried deleting and recreating the FTP Site
* I have tried uninstalling and reinstalling IIS via add/remove windows components, I would think uninstalling and/or creating a new FTP site would negate any effect of changing the local administrator password.
Another strange point, when trying to get the UserIsolation Mode via ADSutil.vbs i get an error
Here's the command:
C:\Inetpub\AdminScripts\cs
cript adsutil.vbs get MSFTPSVC/63361983/UserIsol
ationMode
Here's the result:
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All Rights reserved
ErrNumber: -2146646000 (0x800CC810)
Error Trying to GET the Object (GetObject Failed): MSFTPSVC/63361983
63361983 is the FTP Site in question
This is Windows 2003 SP1
Website I have already visited:
http://www.microsoft.com/t
echnet/com
munity/col
umns/insid
er/
default
.mspx
http://blog.crowe.co.nz/ar
chive/2006
/09.aspx
Answer : Event ID 13, Could not access the home directory
Just got off the phone with Microsoft. We ended up creating a new FTP SIte with Active DIrectory User Isolation. We created a new service account and granted it Domain Administrator permissions and it worked. Still doesn't explain why it worked in the past with the old service account without Domain Admin permissions...maybe a security patch? I am now waiting to here back regarding the minimum permissions required for the MSFTPSVC service account.
Random Solutions
DTSToDate Syntax Error?
Domain Administrator Login Problem with Vista.
PHP Calling MS SQL Stored Procedures
ActiveSync working, OMA notand giving either runtime error/Security Exception error when accessed.
Continuous subform using a DAO recordset/ Access 2000
varray in stored procedures
MOSS 2007 - Change authentication to LDAP.
"The connection to the exchange server has been restored"
Server 2003, Blocked local snapins in GP and can not now edit GP, Please help
Replace space in variable with _
