All of a sudden non of my users can connect - error: wrong password

Advertisement

mcpeterc
Joined:
Posts:
9

All of a sudden non of my users can connect - error: wrong password

Hi.

I have a Windows server 2016 that runs a IIS ftp site. My users connect via port 990 and all worked fine a couple of days ago. Now when they log on I get this error:
TLS connection stablished. Waiting for welcome message... Access denied
I checked the following:
  • All users have write/write access to their own home-folder. Both on OS level and within IIS
  • Reset the password so I'm 100% positive that the PW is the right one.
  • Turned off the local firewall
I use User isolation. I tried to give 'All Users' Read,Write access – that did not help
Can anyone help?

This is the log
log:
* 2020-03-05 12.35.03.724 (ESshFatal) 
. 2020-03-05 12.35.05.965 --------------------------------------------------------------------------
. 2020-03-05 12.35.05.966 WinSCP Version 5.15.3 (Build 9730) (OS 10.0.17763 - Windows 10 Enterprise)
. 2020-03-05 12.35.05.966 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\
. 2020-03-05 12.35.05.966 Log level: Normal
. 2020-03-05 12.35.05.966 Local account: DESKTOP-VEK9I3I\Admin
. 2020-03-05 12.35.05.966 Working directory: C:\Program Files (x86)\WinSCP
. 2020-03-05 12.35.05.966 Process ID: 15740
. 2020-03-05 12.35.05.966 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" 
. 2020-03-05 12.35.05.966 Time zone: Current: GMT+1, Standard: GMT+1 (Romance Standard Time), DST: GMT+2 (Romance Daylight Time), DST Start: 29/03/2020, DST End: 25/10/2020
. 2020-03-05 12.35.05.967 Login time: Thursday, 5 March 2020 12.35.05
. 2020-03-05 12.35.05.967 --------------------------------------------------------------------------
. 2020-03-05 12.35.05.967 Session name: xxxx@89.xxxxxxx (Site)
. 2020-03-05 12.35.05.967 Host name: 89.xxxxxxxx (Port: 990)
. 2020-03-05 12.35.05.967 User name: xxxxx (Password: Yes, Key file: No, Passphrase: No)
. 2020-03-05 12.35.05.967 Transfer Protocol: FTP
. 2020-03-05 12.35.05.967 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2020-03-05 12.35.05.967 Disable Nagle: No
. 2020-03-05 12.35.05.967 Proxy: None
. 2020-03-05 12.35.05.967 Send buffer: 262144
. 2020-03-05 12.35.05.967 UTF: Auto
. 2020-03-05 12.35.05.967 FTPS: Implicit TLS/SSL [Client certificate: No]
. 2020-03-05 12.35.05.967 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2020-03-05 12.35.05.967 Session reuse: Yes
. 2020-03-05 12.35.05.967 TLS/SSL versions: TLSv1.0-TLSv1.2
. 2020-03-05 12.35.05.967 Local directory: C:\Users\Admin\Documents, Remote directory: /, Update: Yes, Cache: Yes
. 2020-03-05 12.35.05.967 Cache directory changes: Yes, Permanent: Yes
. 2020-03-05 12.35.05.967 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2020-03-05 12.35.05.967 Timezone offset: 0h 0m
. 2020-03-05 12.35.05.967 --------------------------------------------------------------------------
. 2020-03-05 12.35.06.005 Connecting to 89.xxxxxxx:990 ...
. 2020-03-05 12.35.06.005 Connected with 89.xxxxxxxxx:990, negotiating TLS connection...
. 2020-03-05 12.35.06.022 Verifying certificate for "" with fingerprint fe:3b:17:xxxxxx and 20 failures
. 2020-03-05 12.35.06.022 Certificate for "" matches cached fingerprint and failures
. 2020-03-05 12.35.06.022 Using TLSv1.2, cipher TLSv1/SSLv3: ECDHE-RSxxxxx, 2048 bit RSA, ECDHExxxxxxx TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
. 2020-03-05 12.35.06.047 TLS connection established. Waiting for welcome message...
< 2020-03-05 12.35.06.047 220 Microsoft FTP Service
> 2020-03-05 12.35.06.047 USER xxxx
< 2020-03-05 12.35.06.047 331 Password required
> 2020-03-05 12.35.06.047 PASS *************
< 2020-03-05 12.35.06.048 530 User cannot log in, home directory inaccessible.
. 2020-03-05 12.35.06.048 Connection failed.
. 2020-03-05 12.35.06.062 Password prompt (last login attempt failed)

Reply with quote

Advertisement

mcpeterc
Joined:
Posts:
9

Problem seems to found:

There was double rules on 'FTP Authorization Rules' on both level FTP (shown here) and the same rules was on the localuser folder with holds each users isolated folder (shown here)

Apparently that's a no-go. Does anyone have any experience with this behavior?

Best regards

Reply with quote

Advertisement

You can post new topics in this forum