Editing Securing your Windows Service installation (section)

=== Add filezilla user to Windows ===
In Windows Professional
# press '''&laquo;'''WINDOWS'''&raquo;''' + '''&laquo;'''R'''&raquo;'''; "Run" dialog appears
# type in "lusrmgr.msc" and hit '''&laquo;'''ENTER'''&raquo;'''; "Local Users and Groups" MMC Console appears
# navigate to "Users" folder, right click to white space and select "New User" from popup menu; "New User" dialog appears.
# fill-in the dialog like this:
#* user name "filezilla" 
#* type in password (this is required)
#* uncheck "User must change password at next logon",
#* check   "Password never expires"
#* check   "User cannot change password"
#* uncheck "Account is disabled"
# click "Create"; "filezilla" user is created
# right click "filezilla" user and select "Properties"; "Properties" dialog appears
# double check on the "Member Of" that only user group this account belongs to, is "Users"
# click "OK"; dialog closes
# close "Local Users and Groups" window

In Windows Home Edition
#press '''&laquo;'''WINDOWS'''&raquo;''' + '''&laquo;'''R'''&raquo;'''; "Run" dialog appears
#type in "netplwiz" and hit «ENTER»; the "User Accounts" window appears
#click "Add..."; a user creation blue wizard appears
#click "Access without a Microsoft Account"
#click the "Local Account" button
#add a new user, filling in the required field:
#*user name "filezilla"
#*type in password (this is required)
#*type in password again (this is required)
#*fill the password hint with some random characters
#click "Next"; "filezilla" user is created
#click "End"; "filezilla" uesr is listed together with the other user accounts 
#close "User Accounts"

Or, '''alternatively''', in any Windows Edition

don't do what follows, if you have already created a "filezilla" user with one of the procedures above. You may choose the following procedure as an alternative of the two previous, because it is safer: putting "filezilla" user in its' own group, is way better than adding it into the "Users" group.

#Copy and paste one by one the following commands, in a "CMD" window run as Administrator:
#*<code>net user filezilla * /add</code>; "filezilla" user is created in the "Users" group
#*when prompted, type a password for "filezilla" user (this is required)
#*<code>net localgroup filezilla-users /add</code>; "filezilla-users" group is created
#*<code>net localgroup filezilla-users filezilla /add</code>; "filezilla" user is added to "filezilla-users" group
#*<code>net localgroup users filezilla /delete</code>; "filezilla" user is deleted from "Users" group

Or, ''' alternatively'''. There is a mechanism for windows services to run in own isolated environment. For each installed service you can use its own SID based on its name. It is accesseble out the box. Then you setup service just specify 'nt service\servicename' in runas username section without specifying password. Filezilla install service with name 'filezilla-server' by default. You should use name 'nt service\filezilla-server' in this case. Then setting up acl permissions to the folders by 'prepare permissions' section described bellow you also should use 'nt service\filezilla-server' name. Caution: if service name changes SID changes too. In this case you should update permissions on the folders.
Also you should add 'nt service\filezilla-server' user in 'Local Policies\User Rights Assignment\Access this computer from the network' of security policy. Launch secpol.msc to access sec policy.
The server's settings in this case will be stored in %systemroot%\ServiceProfiles\filezilla-server\AppData\Local\filezilla-server. 'nt service\filezilla-server' should have all necessary permissions/ownership for files and folders.