This file details the registry structure & specific values used by the
FTP Server service.


All FTP Server parameters "live" under the following key:

    HKEY_LOCAL_MACHINE
        System
            CurrentControlSet
                Services
                    FtpSvc
                        Parameters

The following values may exist under the Parameters key:

    Name:       AllowAnonymous
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then anonymous logons are allowed.
                Otherwise (value IS zero) anonymous logons are not allowed.
    Default:    1 (allow anonymous logons)

    Name:       AnnotateDirectories
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then everytime a user changes
                directories (sends the server a CWD command) an attempt is
                made to open a file called "~FTPSVC~.CKM" in the new
                directory.  If this file is found, its contents are sent
                to the user as part of the successful reply to the CWD
                command.  This may be used to attach "annotations" to
                specific directories.

                This value is used as a default for new users.  Users can
                toggle their own personal "annotate directories" flag with
                the site-specific CKM command (SITE CKM).
    Default:    0 (don't annotate directories)

    Name:       AnonymousOnly
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then only anonymous logons are
                allowed.  Otherwise (value IS zero) then non-anonymous
                logons are allowed as well.
    Default:    0 (non-anonymous logons allowed).

    Name:       AnonymousUserName
    Type:       REG_SZ
    Meaning:    Anonymous logon alias.  When a user attempts an anonymous
                logon, the username specified ("anonymous") is mapped to
                this registry value for the purposes off authentication
                and impersonation.  The password for this account is stored
                in an LSA secret object named "FTPD_ANONYMOUS_DATA".
    Default:    "Guest"

    Name:       ConnectionTimeout
    Type:       REG_DWORD
    Meaning:    The time (in seconds) to allow clients to remain idle before
                forcibly disconnecting them.  This prevents idle clients
                from consuming server resources indefinitely.

                This value may be set to zero if timeouts are not to be
                enforced.  If set to zero, idle clients *can* remain connected
                indefinitely.
    Default:    600 (10 minutes)

    Name:       DebugFlags
    Type:       REG_DWORD
    Meaning:    This value is used only by the debugging (checked) builds of
                the FTP Server.  It controls the output of various debugging
                information.  This value is unused by retail builds.
    Default:    0 (no debug output)

    Name:       ExitMessage
    Type:       REG_SZ
    Meaning:    This is the signoff message sent to a client upon receipt
                of a QUIT command.
    Default:    "Goodbye."

    Name:       GreetingMessage
    Type:       REG_MULTI_SZ
    Meaning:    This message (if it exists in the registry) is sent to new
                clients after their account has been validated.  In accordance
                with "de facto" Internet behaviour, if a client logs on as
                anonymous and specifies an identity starting with '-' (minus),
                then this greeting message is NOT sent.
    Default:    NULL (no special greeting)

    Name:       HomeDirectory
    Type:       REG_EXPAND_SZ
    Meaning:    This is the initial "home" directory for new clients.  After
                a new client is validated, an attempt is made to CHDIR to
                this directory.  If this directory is inaccessible, the client
                is refused FTP services.  If the CHDIR is successful, then
                an attempt is made to CHDIR to a directory with the same name
                as the client's username.  If this fails, an attempt is made
                to CHDIR to a directory called "Default".  If this fails,
                the current directory is left at "home".

                If a user finds that the home directory is inaccessible,
                then an event is written to the event log indiciating such.
    Default:    "C:\"

    Name:       LogAnonymous
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then all successful anonymous
                logons are logged in the system event log.  Otherwise
                (value IS zero) successful anonymous logons are not logged.
    Default:    0 (don't log successful anonymous logons)

    Name:       LogFileAccess
    Type:       REG_DWORD
    Meaning:    This value controls the logging of file accesses.  This value
                can be one of the following:

                        0 = Don't log file accesses
                        1 = Log file accesses to FTPSVC.LOG
                        2 = Log file accesses to FTyymmdd.LOG, where yy
                                is the year, mm is the month, and dd is
                                the day.  A new log file will be opened
                                every day as necessary.
    Default:    0 (don't log file accesses)

    Name:       LogFileDirectory
    Type:       REG_SZ
    Meaning:    This value specifies the target directory for log files.
                This value is only used if LogFileAccess is !0.
    Default:    %SystemRoot%\System32

    Name:       LogNonAnonymous
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then all successful nonanonymous
                logons are logged in the system event log.  Otherwise
                (value IS zero) successful nonanonymous logons are not logged.
    Default:    0 (don't log successful nonanonymous logons)

    Name:       LowercaseFiles
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then all file names returned by
                LIST and NLST commands for non-case-preserving filesystems
                will be mapped to lowercase.  If this value is zero, then
                all file names will be unaltered.
    Default:    0 (don't map filenames to lowercase)

    Name:       MaxClientsMessage
    Type:       REG_SZ
    Meaning:    This message (if it exists) is sent to a client if the maximum
                number of clients has been reached/exceeded.  This indicates
                that the server is currently servicing the maximum number of
                simultaneous clients and is refusing addtional clients.
    Default:    "Maximum clients reached, service unavailable."

    Name:       MaxConnections
    Type:       REG_DWORD
    Meaning:    This is the maximum number of simultaneous clients the server
                will service.

                This value may be set to zero if there is to be no limit on
                simultaneous clients.
    Default:    20

    Name:       MsdosDirOutput
    Type:       REG_DWORD
    Meaning:    If this value is non-zero, then the output of the LIST
                command (usually sent as a result of a DIR from the client)
                will look like the output of the MS-DOS DIR command.
                Otherwise (value IS zero) then the output of the LIST command
                will look like the output of the UNIX LS command.

                This value also controls "slash flipping" in the path
                sent by the PWD command.  If this value is non-zero, the path
                will contain backward "\" slashes.  If this value IS zero, the
                path will contain forward "/" slashes.
    Default:    1 (directory listings like MS-DOS)

    Name:       ReadAccessMask
    Type:       REG_DWORD
    Meaning:    This value is a bitmask and controls the "readability" of
                the various disk volumes in the system.  Drive A: corresponds
                to bit zero, drive B: is bit 1, drive C: is bit 2, etc.  A
                user may only read from a specific volume if the corresponding
                bit is set.
    Default:    0 (all read access denied)

    Name:       WriteAccessMask
    Type:       REG_DWORD
    Meaning:    This value is a bitmask and controls the "writability" of
                the various disk volumes in the system.  Drive A: corresponds
                to bit zero, drive B: is bit 1, drive C: is bit 2, etc.  A
                user may only write to a specific volume if the corresponding
                bit is set.
    Default:    0 (all write access denied)


There is an additional (optional) key that may exist under the Parameters
key.  After a user's account/password has been validated and the server is
impersonating that user, an attempt is made to open a key named "AccessCheck".
If this key exists, and the user cannot open it, then the user is denied
access to the FTP Server.  If this key exists, and the user can only open it
for read access, then the user is given read-only access to the FTP Server.
This way, an administrator can create this "AccessCheck" key and attach
specific ACLs to the key. These ACLs will then control access to the FTP
Server.

