Old 03-25-2008, 02:18 PM   #1
LQ Newbie
Registered: Mar 2008
Posts: 4

Rep: Reputation: 0
FTP authentication using Active Directory

I've created a Linux FTP server using the sftp package already on the server. I'm able to add users with passwords and I have the FTP side working fine. I would like to be able to have users log in with their Active Directory password (we are on a Windows domain obviously) to connect to the FTP site. The Linux server doesn't need to be part of the domain (unless it has to be). Do I use Samba, LDAP? I'm kind of just throwing those words out there, but I'm not sure about any of it. I'm very much a newbie. I am using CentOS 5.

Last edited by goody3335; 03-25-2008 at 02:20 PM. Reason: Added the OS
Old 03-25-2008, 02:25 PM   #2
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 911

Welcome to LQ.

My gut feeling says LDAP, not that I'd know how to integrate
sftp with it (we're talking about the OpenSSH product here?).

Old 03-26-2008, 08:18 AM   #3
LQ Newbie
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0

You know, I feel stupid saying this, but I honestly don't know. I did it via the webmin console and basically I specified that I wanted the server to be an sftp server. I'm not even so worried about it being sftp, though. I'm kind of playing around before I make the real server that we'll use.
How do I go about implementing LDAP? Would LDAP make it so that I have to log in to the computer using an AD username, or would it just make it so that I would have to log in to the FTP site with an AD username? Thanks!
Old 03-26-2008, 08:57 AM   #4
Registered: Mar 2008
Posts: 70

Rep: Reputation: 16
Your best bet is to review the documentation for the FTP program. That kind of support usually has to be compiled into the FTP program specifically, unless the author decided to add it by default. Either way, you'd have to check the docs.

IIRC, ProFTP and Pure-FTP both have the ability to support this. The general theory is that you have a non-privileged AD user (that can read from AD, but not write) scan through the AD to see if the user (that is requesting FTP access) exists in the AD. Then the FTP program needs to compare the supplied password (hashed correctly) with the hash in the AD. The only problem is ensuring that the FTP program is using the same authentication scheme as the FTP (Kerberos, I guess?).

While AD is LDAP-like, it is not LDAP.

Last edited by 3rods; 03-26-2008 at 08:58 AM. Reason: typos
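The lookup-then-verify flow described in post #4, as an added example that is not part of the thread: it checks the password by binding as the located user rather than comparing hashes, escapes the login name before it goes into the search filter, and refuses empty passwords. `FakeDirectory`, `SAMPLE` and the example.com DNs are constructed for illustration and stand in for a real LDAP connection.

```python
# Added example: search-then-bind check for an FTP login against a directory.
# FakeDirectory and SAMPLE are constructed stand-ins for a real LDAP connection
# that is already bound as the read-only service account.

def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515 special characters)."""
    return ''.join('\\%02x' % ord(c) if c in '\\*()\x00' else c for c in value)

def user_filter(login):
    # sAMAccountName is the AD attribute that holds the short logon name.
    return '(&(objectClass=user)(sAMAccountName=%s))' % escape_filter_value(login)

class FakeDirectory:
    """Constructed in-memory directory mapping DN -> (login, password)."""
    def __init__(self, entries):
        self.entries = entries

    def search(self, ldap_filter):
        # Toy matcher: understands only the exact filter user_filter() builds.
        return [dn for dn, (login, _) in self.entries.items()
                if ldap_filter == user_filter(login)]

    def simple_bind(self, dn, password):
        # Mimics a server that accepts an empty password as an
        # unauthenticated bind and reports success.
        if password == '':
            return True
        return dn in self.entries and self.entries[dn][1] == password

def authenticate(directory, login, password):
    """Return the user's DN when the credentials check out, else None."""
    if not login or not password:
        return None          # never let an empty password reach the bind
    matches = directory.search(user_filter(login))
    if len(matches) != 1:
        return None          # unknown or ambiguous account
    dn = matches[0]
    return dn if directory.simple_bind(dn, password) else None

SAMPLE = FakeDirectory({
    'CN=Alice Example,OU=Staff,DC=example,DC=com': ('alice', 's3cret-Pass'),
    'CN=Bob Example,OU=Staff,DC=example,DC=com': ('bob', 'hunter2-Long'),
})

if __name__ == '__main__':
    for login, pw in [('alice', 's3cret-Pass'), ('alice', ''), ('*', 'x')]:
        print(repr(login), '->', authenticate(SAMPLE, login, pw))
```

Without the empty-password check, the second call would succeed because the bind itself reports success; without the escaping, a login of `*` would turn the filter into a wildcard match.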
Old 03-26-2008, 09:58 AM   #5
LQ Newbie
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0
starting from scratch

Okay, so if I were to start from scratch what would your suggestion to me be? Load ProFTP (I only use that, because I know it's included in the OS). Then use LDAP? I guess I'm kind of looking for a step-by-step here. I've searched the internet, but there is just so much information out there...and most of it assumes that one would know more about Linux than I do. I'm learning...
Old 03-26-2008, 10:15 AM   #6
LQ Newbie
Registered: Mar 2008
Location: Backwoods New York
Distribution: Mandriva One (for now)
Posts: 6

Rep: Reputation: 0
There is always Vintela. Works quite well. Remember that AD has to have all the UNIX extensions enabled for any LDAP to work.
Old 03-26-2008, 10:41 AM   #7
LQ Newbie
Registered: Mar 2008
Posts: 4

Original Poster
Rep: Reputation: 0
Vintela looks like an easy solution, but I was looking for free, at least for now.

