FileZilla Server as a Windows Service with a Mapped Network Drive

Been meaning to write this up for the community and post it since December 2021. Finally doing it.

What are we trying to achieve?
Run FileZilla Server as a Windows Service and assign FTP users home drive / share folders on the network drive.

Why am I doing this?
If you Google it, people say it can't be done or can be done but people still have issues. Or can be done but no clear guidance.

What tools do I need?
You will need the following

Target audience for this guide?
A computer savvy person that is comfortable with command line tools and interpreting technical documentation.


What is the issue with using mapped drives?
When FileZilla Server runs as a Windows Service, it cannot access the mapped drive. This is because the Windows Service runs in a different user context to the mapped drive. Ie, the FileZilla Server service runs as SYSTEM account, and mapped drive runs as your USER account.

The issue presents itself in the administration console in the following image.



Example of a FTP user set with the mapped drive as their home drive.



How do we achieve FileZilla Server running as a service with access to the mapped drive?
The FileZilla Server administrative console runs in your USER context. The FileZilla Server running as a service runs in the SYSTEM context. They cannot access each other's environment and mapped drive. But we can mirror the users environment to the system environment so they are exactly the same.

So when a user's FTP home drive is set to Z:\ via the user running FileZilla Server administrative console, the FileZilla Server service will also have access to the same mapped drive.


Guide to setting up FileZilla Server as a Service with Mapped Drive.
Install FileZilla Server and the administrative console. When prompted for service settings, "installed as service, started with Windows".

Map the network drive as the logged-on user, this needs to be the exact mapping we use later - drive mapped as persistent.

Start cmd.exe with elevated rights, change directory to where psexec.exe is stored, and launch with this command.

Psexec.exe -s -i cmd.exe



Double check you are running as SYSTEM.
Run command below





Add/cache the credentials into the SYSTEM account, this is required to access the network share with cmdkey.exe

We cache the credentials with cmdkey to store them securely, none of this passwords in plain text please. If you want to know more about cmdkey, Google "Credential Manager" as this is the gui version for logged-on users. We need the command line version cmdkey, because we need to add the credentials in the SYSTEM context.

Use this command line

CMDKEY /add:<ServerName> /user:"<DomainOrServerName>\UserNameToAccessShare" /pass:<ThePassword>


For example, the share you are trying to access is on computer StorageServer and the username to access is below.



The command to cache the credentials is

CMDKEY /add:StorageServer /user:"StorageServer\JohnSmith" /pass:MyHiddenPassword




Check the key is added by running

CMDKEY /list