SUMMARY
The name of a user in the form of user@domain.com is known as the user principal name (UPN). This step-by-step article describes how to allow UPN logon for the Microsoft File Transfer Protocol (FTP) service.
Enable UPN logon for FTP using IIS 5.0
Note that you can only enable UPN logon for FTP in a Windows 2000 domain environment. That is, you must have Active Directory running, and the user must be in a domain account in that directory.
Before you begin, verify that you are not experiencing the problem that is described in the following Knowledge Base article, and request the hotfix in the article if necessary:
299273 UPN logon option does not work after you apply fix from MS01-026 security bulletin
You can use either the Adsutil.vbs utility or the Mdutil.exe utility to allow UPN logon for the FTP service.
Enable UPN logon for FTP with Adsutil.vbs
To use the Adsutil.vbs file to enable UPN logon for FTP, you must add the
DefaultLogonDomain entry to the FTP service properties in the metabase and set the value to the backslash character (\).
For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
184319
FTP Service's DefaultLogonDomain not available in MMC
Enable UPN logon for FTP with Mdutil.exe
To enable UPN logon for all local FTP sites, type the following at a command prompt:
mdutil.exe set msftpsvc/DefaultLogonDomain \
To enable UPN logon for the first FTP site, type the following at a command prompt:
mdutil.exe set msftpsvc/1/DefaultLogonDomain \
You cannot enable UPN logon for FTP by setting a backslash (\) for the root, as follows:
mdutil set /msftpsvc/1/root/DefaultLogonDomain \
For more information about Mdutil.exe, click the following article number to view the article in the Microsoft Knowledge Base:
240225
Description of Adsutil and MetaEdit utilities used to modify the metabase