LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 07-28-2008, 02:00 AM   #1
haariseshu
Member
 
Registered: Jan 2008
Location: Noida, India
Distribution: RHEL
Posts: 81

Rep: Reputation: 15
Question vsftpd authentication against ldap users


Hi all,
I'm trying to make ny vsftpd againts ldap for vitualusers. All the user entries are putted in ldap. But while trying to login with vsftpd it's resulted with the following error:


[root@DIDEL_TCILS_MAIL01 ~]# ftp 192.168.117.27
Connected to 192.168.117.27.
220 Welcome to panafnet.com
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.117.27:root): vasuda [myusername as in ldap]
331 Please specify the password.
Password: [myuserpassword as in ldap]
500 OOPS: cannot locate user entry:vasuda
Login failed.
ftp>

-------------------------------
My /etc/pam.d/vsftpd file:

auth sufficient /lib/security/pam_ldap.so
auth required pam_unix2.so
account sufficient /lib/security/pam_ldap.so
account required pam_unix2.so
password sufficient /lib/security/pam_ldap.so
password required pam_unix2.so


/etc/pam.d/login file:

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so use_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_unix_passwd.so use_first_pass md5 shadow
session required /lib/security/pam_unix_session.so

/etc/pam.d/passwd file

auth include system-auth
account include system-auth
password include system-auth


slapd log

Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 ACCEPT from IP=192.168.117.27:54906 (IP=0.0.0.0:389)
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SRCH base="dc=panafnet,dc=com" scope=2 deref=0 filter="(uid=vasuda)"
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: slap_global_control: unrecognized control: 1.3.6.1.4.1.42.2.27.8.5.1
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=4 UNBIND
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 closed



If anybody can guess where i'm making mistake please guide me...

Thanks a lot...
-Hari.

Last edited by haariseshu; 07-28-2008 at 02:41 AM.
 
Old 01-27-2009, 08:48 AM   #2
tpe
Member
 
Registered: Oct 2004
Location: Athens, Greece
Distribution: Suse Linux
Posts: 98

Rep: Reputation: 16
Quote:
Originally Posted by haariseshu View Post
Hi all,
I'm trying to make ny vsftpd againts ldap for vitualusers. All the user entries are putted in ldap. But while trying to login with vsftpd it's resulted with the following error:


[root@DIDEL_TCILS_MAIL01 ~]# ftp 192.168.117.27
Connected to 192.168.117.27.
220 Welcome to panafnet.com
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.117.27:root): vasuda [myusername as in ldap]
331 Please specify the password.
Password: [myuserpassword as in ldap]
500 OOPS: cannot locate user entry:vasuda
Login failed.
ftp>

-------------------------------
My /etc/pam.d/vsftpd file:

auth sufficient /lib/security/pam_ldap.so
auth required pam_unix2.so
account sufficient /lib/security/pam_ldap.so
account required pam_unix2.so
password sufficient /lib/security/pam_ldap.so
password required pam_unix2.so


/etc/pam.d/login file:

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so use_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_unix_passwd.so use_first_pass md5 shadow
session required /lib/security/pam_unix_session.so

/etc/pam.d/passwd file

auth include system-auth
account include system-auth
password include system-auth


slapd log

Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 ACCEPT from IP=192.168.117.27:54906 (IP=0.0.0.0:389)
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SRCH base="dc=panafnet,dc=com" scope=2 deref=0 filter="(uid=vasuda)"
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: slap_global_control: unrecognized control: 1.3.6.1.4.1.42.2.27.8.5.1
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=4 UNBIND
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 closed



If anybody can guess where i'm making mistake please guide me...

Thanks a lot...
-Hari.
I have similar problems on RHEL5. Did you find any solution? If so, please post it.
 
Old 03-03-2009, 11:27 AM   #3
narutoreplicate
LQ Newbie
 
Registered: Mar 2009
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by tpe View Post
I have similar problems on RHEL5. Did you find any solution? If so, please post it.
Same message, except to you now.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
problem on vsftpd authentication againts ldap haariseshu Linux - Software 0 07-26-2008 09:07 AM
Vpopmail ldap to samba ldap users luquee Linux - Software 1 07-23-2008 11:38 AM
Authentication on ldap server for ssh users? cantabile Linux - Networking 0 06-05-2008 04:52 PM
vsftpd using Ldap+pam authentication issue PhillipHuang Linux - Software 1 09-26-2006 10:43 PM
Struggling to setup a Debian/etch desktop: LDAP users and LOCAL users jferrando Linux - Networking 1 05-05-2006 03:44 PM


All times are GMT -5. The time now is 09:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration