IIS 7.5 FTP 530 User cannot log in, home directory inaccessible.

FTP 530 User cannot log in, home directory inaccessibleThere are a ton of articles out there addressing IIS permissions issues that result in the error message “FTP 530 User cannot log in, home directory inaccessible.”  I’m not going to repeat them here.  What I am going to share is what to do when you’ve followed all of those articles and it still does not seem to work.

Let me review the problem. 

Since the introduction of IIS 7.0 and now with 7.5, Microsoft has changed ftp authentication and authorization. This can be confusing because there are two critical steps that must be performed to ensure that a user will actually gain the access they need.  First you must set the permissions on the folder they will be accessing then authorize the user in IIS under FTP authorization rules.

How to fix FTP 530

Here’s the kicker.  If you do this in the wrong order, everything will appear correct but you will get an “Error FTP 530 User cannot log in, home directory inaccessible.”

Use this process in the right order to correct the problem:
  1. Remove FTP publishing from the site.
  2. Restart IIS
  3. Verify that the users have proper permissions to the folder you want them to use.
  4. Add FTP publishing back to the site.
  5. Add the user to the ftp authorization rules.
  6. Verify that the problem is gone.
Why does it break?  No one seems to know.

This problem does not happen every time. I have yet to understand if there is any pattern to it other than the order that permissions and authorization are set.  Even when they are set in the right order, I have seen this break when adding a new user.

If you read my article, “IIS 7 FTP problematic for PCI compliance” . You will see why I don’t recommend using IIS for FTP in the first place.