LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-25-2008, 02:18 PM   #1
goody3335
LQ Newbie
 
Registered: Mar 2008
Posts: 4

Rep: Reputation: 0
FTP authentication using Active Directory


I've created a linux FTP server using the sftp package already on the server. I'm able to add users with passwords and I have the FTP side working fine. I would like to be able to have users login with their Active Directory password (we are on a Windows domain obviously) to connect to the FTP site. The linux server doesn't need to be part of the domain (unless it has to be). Do I use Samba, LDAP? I'm kind of just throwing those words out there, but I'm not sure about any of it. I'm very much a newbie. I am using CentOS 5

Last edited by goody3335; 03-25-2008 at 02:20 PM. Reason: Added the OS
 
Old 03-25-2008, 02:25 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Hi,

welcome to LQ.

My gut-feeling says LDAP, not that I'd know how to integrate
sftp with it (we're talking about the OpenSSH product here?).



Cheers,
Tink
 
Old 03-26-2008, 08:18 AM   #3
goody3335
LQ Newbie
 
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0
authentication

You know, I feel stupid saying this, but I honestly don't know. I did it via the webmin console and basically I specified that I wanted the server to be a sftp server. I'm not even so worried about it being sftp, though. I'm kind of playing around before I make the real server that we'll use.
How do I go about implementing LDAP? Would LDAP make it so that I have to login to the computer using an AD username, or would it just make it so that I would have to login to the ftp site with an AD username? Thanks!
 
Old 03-26-2008, 08:57 AM   #4
3rods
Member
 
Registered: Mar 2008
Posts: 70

Rep: Reputation: 16
Your best bet is to review the documentation for the FTP program. That kind of support usually has to be compiled into the FTP program specifically, unless the author decided to add it by default. Either way, you'd have to check the docs.

IIRC, ProFTP and Pure-FTP both have the ability to support this. The general theory is that you have a non-privileged AD user (that can read from AD, but not write) scan through the AD to see if the user (that is requesting FTP access) exists in the AD. Then the FTP program needs to compare the supplied password (hashed correctly) with the hash in the AD. The only problem is ensuring that the FTP program is using the same authentication scheme as the FTP (Kerberos, I guess?).

While AD is LDAP-like, it is not LDAP.

Last edited by 3rods; 03-26-2008 at 08:58 AM. Reason: typos
 
Old 03-26-2008, 09:58 AM   #5
goody3335
LQ Newbie
 
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0
starting from scratch

Okay, so if I were to start from scratch what would your suggestion to me be? Load ProFTP (I only use that, because I know it's included in the OS). Then use LDAP? I guess I'm kind of looking for a step-by-step here. I've searched the internet, but there is just so much information out there...and most of it assumes that one would know more about Linux than I do. I'm learning...
 
Old 03-26-2008, 10:15 AM   #6
FreeRadical2600
LQ Newbie
 
Registered: Mar 2008
Location: Backwoods New York
Distribution: Mandriva One (for now)
Posts: 6

Rep: Reputation: 0
There is always Vintela. Works quite well. Remember that AD has to have all the UNIX extensions enabled for any LDAP to work.
 
Old 03-26-2008, 10:41 AM   #7
goody3335
LQ Newbie
 
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Vintela looks like an easy solution, but I was looking for free stuff...at least for now.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Active Directory Authentication for FTP server element247 Linux - Server 3 03-23-2007 02:34 PM
Active Directory Authentication zenix SUSE / openSUSE 29 03-22-2007 11:00 AM
Active Directory authentication with CentOS 4.2 dragonleech Linux - Networking 5 12-23-2005 01:48 PM
Active Directory authentication? cwhitmore Mandriva 3 03-09-2005 12:25 PM
active directory authentication mozilla Linux - Networking 2 02-21-2005 05:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration