Serv-U MFT Server: User Logon with Active Directory Authentication

Serv-U MFT Server

Secure FTP server software that provides comprehensive security, automation, and centralized control for file transfers across your organization

Download Free Trial
Fully functional for 14 days

Video Transcript

Serv-U Managed File Transfer Server has native integration with Windows Active Directory. This lets you leverage Active Directory authentication for user logon, instead of authenticating against regular Serv-U user credentials, or those stored in a database.

Make sure Serv-U MFT Server is installed on a server that is a member of a Windows domain. You will be using this for user authentication.

Go to Users, Windows Authentication, and check the option 'Enable Windows Authentication.'

By default, Serv-U uses the home directory of the client’s Windows account. Sometimes there may or may not be any home directory associated with the Windows user account. Serv-U lets you change the setting by enabling this option. Optionally, enter the Windows domain name in the field below, and hit 'Save.'

When an Active Directory user logs into Serv-U, entering the Windows account username and password is sufficient. If the user is already logged into their Windows account, these credentials will be passed through for Serv-U authentication. Serv-U allows you to configure all Windows users in a group instead of configuring individual user accounts. All settings configured in this group are inherited by its members and can be used to change properties such as IP access rules, bandwidth limitations, or additional directory access rules.

By default, Windows and Active Directory user accounts do not require any directory access rules to be configured. This is because Serv-U applies the NTFS permissions of the user accounts. This eliminates the need for administrators to configure permissions beyond those already defined on the network, saving time and documentation efforts. However, for greater control, home directories and permissions can be manually configured and overridden in the Windows User Group Configuration page.

Serv-U MFT Server permits logon with multiple Active Directory or Windows accounts, as long as all these accounts are part of the same AD environment where Serv-U is installed.

For this to work, leave the “Windows Domain Name” field blank, in the Windows Authentication settings. Users must login with their full user principal name, which is typically There must be trust between all domains which the Serv-U MFT Server will authenticate.

For all users who are part of the Windows user group, you can easily create a virtual path and share folders.

Click on the 'Configure Windows User Group' button, and select the 'Virtual Paths' tab.

Now, add a Physical Path (C:\shared files) and a Virtual Path Name (%HOME%\company files)

When users login, their home directory will contain a shortcut to "C:\Shared Files" named "Company Files." This will be visible to all the users who belong to this Windows user group.

Using the Organizational Unit Group Settings, you can create additional Windows sub-groups to assign different permissions and settings.

First, you have to map your OU tree in the domain controller to the Windows user group in Serv-U. The Add and Add Child buttons will then help you easily create user groups. Now, you can edit and apply permissions to each of these sub-groups representing OUs in the Active Directory.

Serv-U MFT Server lets you safely and securely transfer files. For more information on Serv-U, contact