Active Directory Integration
Enable ftp access for Windows users. zFTPServer handles Windows or Active directory authentication automatically without the need to manually import users and sync user data.
zFTPServer can also override and complement user data, offering powerful, simplified management, and superior ease of use.
Available authentication methods
- Using an Active Directory / Domain
- Using a Windows Server (Local or Remote)
Multi-Domain support and Trusts
You may specify several domains (separated with pipe “|”); easily enabling AD trust relationships.
Additions to the Account management
Accounts or entire groups in zFTPServer can be connected to Windows accounts or security groups. If applied to users, it specifies certain account settings like login limits, bandwidth management, and special home directory contents. If applied to groups, it specifies defaults to all users belonging to that Windows group, making management of thousands accounts a breeze (using for instance the %USERNAME% token as a resource path).
Seamless authentication at login
Accounts and settings in zFTPServer always takes precedence and thus zFTPServer checks if the user…
… 1. exist as a regular account in zFTPServer?
… 2. exist as a Windows-connected account in zFTPServer?
… 3. pass Windows authentication?
After aquiring the relevant user data a regular login-attempt to the ftp server is performed. This means that restrictions and security settings can be specified in zFTPServer on accounts (users and groups) that are connected to Windows-accounts and thus effectively enforce all these powerful features of zFTPServer onto the Windows-accounts trying to login to the FTP server.
Windows account impersonation
Using this extension, it is possible to run each connection as the corresponding Windows user – effectively making all Windows access rights and security restrictions apply seamlessly. This means that a folder only a certain Windows user can read can be read by the ftp server pretending to be that user after the user has successfully connected to the ftp server. Of course, this also applies to network paths (UNC), making management a breeze.
Also, using the special Active Directory tokens (%AD_HOMEDIR%, %AD_COMMENT%, %AD_SCRIPT%), setting up management for Windows users is really a breeze. For example, if you specify the home directory in zFTPServer for the Windows integrated zFTPServer group “Domain users” to use %AD_HOMEDIR% as a resource path, all users will automatically have their own home directories.
Actually, the power of this extension goes way beyond anything currently on the market for FTP servers. Despite all this power, it is still a very elegant and easy to use solution.