Novell OES with NSS - setting up VSFTPD
 

I am an administrator on a 100 computer/8 Server Novell network. We are trying to implement our first OES linux server with Edirectory and NSS running FTP services.

We installed OES linux and joined our existing test tree. VSFTPD is loaded and working when connecting with local linux users accounts (root, admin, etc)… we are hung up on using PAM -> LUM -> EDirectory for user authentication. Ultimately we would like to use an EDirectory user for all incoming FTP connections (all outside clients share the same account for simplicity) and [more importantly] have the FTP directory/account home directory on an NSS volume.

From IManager, we configured LUM properly (per instructions from novell) and converted our Edirectory users to LUM users (LUM enabled them). IManager reports back “successful”. We configured LDAP properly, and LUM enabled all available PAM-aware services in IManager. We have the following vsftpd pam file in the /etc/pam.d directory. Again, local users can log on via FTP, but not edirectory users. They get "login incorrect", nothing special in the VSFTPD log file.


Questions:

• What are we missing?
• IManager only lets you enable “FTP” services for use with LUM. Does this cover all FTP programs, or would I specifically have to enable the VSFTPD program somehow?
• What about the PAM user name variable in my vsftpd.conf file (see below – I don’t understand this at all – does PAM query LDAP, and if so, how do I configure the authentication)
•
write_enable=YES
dirmessage_enable=YES
local_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd
anonymous_enable=NO
local_umask=000



Any clues would be greatly appreciated.

t3: if you do an ldapsearch do you get a response from your ldap server?
pam can be setup to query an LDAP server, but it depends if you have the correct modules loaded. are you using tsl/ssl?