Symptoms

A Windows FTP user cannot connect and receives '530 User cannot log in'. When trying to establish an FTP connection locally using ftp.exe, the following error is displayed:

    530-user cannot log in.
    Win32 error: The specified server cannot perform the requested operation.
    Error details: Home directory lookup failed.

Cause

The FTP user has been successfully authenticated, but the server could not retrieve the user's home directory from Active Directory. This can be caused by either an unavailable AD domain controller or a DNS lookup issue.

Resolution

  1. Make sure that domain controllers are available from the host in question.

  2. Make sure that the Active Directory domain SRV record is resolved correctly by all DNS servers used by the host in question. The list of DNS servers used by the host can be retrieved from the properties of the TCP/IPv4 protocol in Network and Sharing Center for each network connection. You can check the Active Directory domain SRV records using the nslookup utility:

    C:\>nslookup
    Default Server:  UnKnown
    Address:  192.168.36.100
    
    > set type=all
    > _ldap._tcp.dc._msdcs.<ACTIVE_DIRECTORY_DOMAIN_NAME> <DNS_SERVER>
    

The DNS query above should return the hostnames and IP addresses of all domain controllers in the Active Directory domain. Note that this query should be run against every DNS server used by the host (put the IP address of the DNS server in the <DNS_SERVER> parameter in the command above). If one of the DNS servers returns an incorrect IP address for a domain controller, change the DNS settings of the network connection so that the problem DNS server is no longer used.
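Both resolution steps can be run in one pass from PowerShell on the affected host. The script below is an added example, not part of the original article: it queries the same SRV record against every DNS server configured on the host, flags domain controllers that resolve differently depending on the server asked, and then tests LDAP (TCP 389) reachability of each returned address. The `$Domain` value is a placeholder to replace.

```powershell
# Added example: run the article's SRV check against every DNS server this host uses.
$Domain  = '<ACTIVE_DIRECTORY_DOMAIN_NAME>'   # placeholder: replace with your AD domain name
$srvName = "_ldap._tcp.dc._msdcs.$Domain"

# All IPv4 DNS servers configured on any network connection of this host
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses | Sort-Object -Unique

$results = foreach ($dns in $dnsServers) {
    try {
        $answer  = Resolve-DnsName -Name $srvName -Type SRV -Server $dns -DnsOnly -ErrorAction Stop
        $targets = $answer | Where-Object { $_.Type -eq 'SRV' } | ForEach-Object { $_.NameTarget }
        foreach ($t in $targets) {
            # Prefer A records returned with the SRV answer; otherwise ask the same server
            $ips = ($answer | Where-Object { $_.Type -eq 'A' -and $_.Name -eq $t }).IPAddress
            if (-not $ips) {
                $ips = (Resolve-DnsName -Name $t -Type A -Server $dns -DnsOnly -ErrorAction SilentlyContinue |
                        Where-Object { $_.Type -eq 'A' }).IPAddress
            }
            [pscustomobject]@{ DnsServer = $dns; DC = $t; IP = (@($ips) | Sort-Object) -join ','; Error = $null }
        }
    } catch {
        # A DNS server that cannot answer the SRV query at all is recorded, not skipped
        [pscustomobject]@{ DnsServer = $dns; DC = $null; IP = $null; Error = $_.Exception.Message }
    }
}

$results | Sort-Object DC, DnsServer | Format-Table -AutoSize | Out-String | Write-Output

# Step 2: the same DC resolving to different addresses points at the problem DNS server
$results | Where-Object DC | Group-Object DC |
    Where-Object { @($_.Group.IP | Sort-Object -Unique).Count -gt 1 } |
    ForEach-Object {
        $detail = ($_.Group | ForEach-Object { "$($_.DnsServer) -> $($_.IP)" }) -join '; '
        Write-Warning "Inconsistent answers for $($_.Name): $detail"
    }

# Step 1: check that each returned domain controller address accepts LDAP connections
$results | Where-Object IP | ForEach-Object { $_.IP -split ',' } | Sort-Object -Unique |
    ForEach-Object {
        $ok = Test-NetConnection -ComputerName $_ -Port 389 -InformationLevel Quiet -WarningAction SilentlyContinue
        '{0,-15} LDAP/389 reachable: {1}' -f $_, $ok
    }
```

A row with a non-empty `Error` column means that DNS server could not resolve the SRV record at all, which is as relevant to the FTP failure as a wrong address.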
