PowerShell script to configure FTP User Isolotion Mode Attributes

As you may already know, with FTP User Isolotion Mode you can strict your users to browse only administrator configured directories.

For instance you can modify required attributes of userA and then UserA will only be able to access/browse “USERA directory”. Even He/she has access on other directories.

But in order to configure FTP User Isolotion Mode with active directory you need to set two interesting attributes:

msIIS-FTPRoot = Root FTP Directory

msIIS-FTPDir  = User Directory

If these above attributes are configured for a user, once this user access to server, FTP automatically redirect this user to msIIS-FTPDir directory under ms-IIS-FTPRoot directory.

To configure these attributes you can just open user properties in ADUC and configure settings under attribute editor.

image

But if you are planning to set these attributes for bunch of users, It may slow down the processes to configure one by one.

Here is a simple PowerShell script

that I just wrote. It gets username and user directory attributes from you.

Please note that configure ROOT directory in script since that will be same for all users. (ENTER ROOT FOLDER DIRECTORY)

Import-Module activedirectory
$username = Read-Host “Enter Username”
$DN = (Get-ADUser -Filter {Name -like $username}).DistinguishedName
$directory = Read-Host “Enter User Directory”
$objUser = [ADSI]”LDAP://10.44.1.23/$DN”
$objUser.Put(“msIIS-FTPDir”, “$directory “)
$objUser.Put(“msIIS-FTPRoot”, “ENTER ROOT FOLDER DIRECTORY“)
$objUser.setInfo()