LinuxQuestions.org

dany4j 08-29-2008 04:13 PM

Pure-ftpd + ldap
 
Hello,

I'm trying to configure pure-ftpd on one server with an LDAP back end. The server is running, but when I try to FTP in from a Windows machine (using CuteFTP) it fails.

This is the error in /var/log/messages:
Code:

Aug 29 23:41:52 document pure-ftpd: (?@myIP) [INFO] New connection from 79-113-210-139.rdsnet.ro
Aug 29 23:41:52 document pure-ftpd: (?@myIP) [WARNING] Authentication failed for user [danim]

And this is from client:
Code:

Connected to document.speranta.eu.
220-Welcome to Pure-FTPd.
220-You are user number 1 of 50 allowed.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
500 This security scheme is not implemented
500 This security scheme is not implemented
KERBEROS_V4 rejected as an authentication type
Name: danim
331 User danim OK. Password required
Password:
530 Login authentication failed
Login failed.

My /etc/pureftpd-ldap.conf contains:
Code:

LDAPServer localhost
LDAPPort  389
LDAPBaseDN cn=Users,dc=speranta,dc=eu
LDAPBindDN cn=Manager,dc=speranta,dc=eu
LDAPBindPW <my-pass>
LDAPDefaultUID 500
LDAPDefaultGID 100

What's wrong?

Thank You.

alpha01 08-29-2008 06:18 PM

Did you change the user's default shell to /bin/false?

I've had a similar issue before, with an ftp user failing to log in even though it was the right passwd! In my case, the default login shell had to be changed to /bin/false/ (with a forward slash at the end).

dany4j 08-30-2008 12:14 AM

Hi alpha01,

I didn't change it.

A few more details: the server is a PDC with Samba. And I can connect to the server with that user.

Now, if I change the user's default shell to /bin/false, can I log in again on the server and on the domain? As far as I know from my experience (not very big), I can't.


Thank you.

alpha01 09-02-2008 11:08 AM

Quote:

Originally Posted by dany4j (Post 3264238)
Hi alpha01,

I didn't change it.

A few more details: the server is a PDC with Samba. And I can connect to the server with that user.

Now, if I change the user's default shell to /bin/false, can I log in again on the server and on the domain? As far as I know from my experience (not very big), I can't.


Thank you.

I believe the user should be able to log into the domain. I don't think changing the default shell will interfere. Try it and see if it works.

dany4j 09-02-2008 11:17 PM

Hi alpha01,

I changed the shell in LDAP to /bin/false (for the user) and still no FTP.

Code:

Sep  3 07:12:46 document pure-ftpd: (?@myIP) [INFO] New connection from myIP
Sep  3 07:12:46 document pure-ftpd: (?@myIP) [WARNING] Authentication failed for user [myUSER]
Sep  3 07:12:50 document pure-ftpd: (?@myIP) [INFO] Logout.

I don't know how to test if pure-ftpd logs in to LDAP.

Thank you.

dany4j 09-02-2008 11:56 PM

Hi alpha01,

I fixed it :))

I changed
Code:

LDAPBaseDN cn=Users,dc=speranta,dc=eu

to
Code:

LDAPBaseDN dc=speranta,dc=eu

Thank you for your time.
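
One way to test the LDAP lookup outside pure-ftpd, as an added example that is not part of the thread: the script reads a pureftpd-ldap.conf and prints the matching OpenLDAP `ldapsearch` command, so the same bind DN, base DN and filter can be run by hand with each base DN. The function names, the subtree scope (`-s sub`) and the default filter `(&(objectClass=posixAccount)(uid=\L))` used when `LDAPFilter` is unset are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): print the ldapsearch command that mirrors
# the lookup configured in pureftpd-ldap.conf, without running it.

# conf_get FILE KEY: value of the last "KEY value" line; comment lines never match.
conf_get() {
    awk -v k="$2" '$1 == k { $1 = ""; sub(/^[ \t]+/, ""); v = $0 } END { print v }' "$1"
}

# ldap_test_cmd FILE LOGIN [BASEDN]: BASEDN overrides LDAPBaseDN for comparison.
ldap_test_cmd() {
    conf=$1 login=$2
    # Refuse logins that could alter the search filter (LDAP filter injection).
    case $login in
        ''|*[!A-Za-z0-9._-]*) echo "unsafe login name" >&2; return 1 ;;
    esac
    server=$(conf_get "$conf" LDAPServer)
    port=$(conf_get "$conf" LDAPPort)
    binddn=$(conf_get "$conf" LDAPBindDN)
    base=${3:-$(conf_get "$conf" LDAPBaseDN)}
    filter=$(conf_get "$conf" LDAPFilter)
    # Assumption: default filter when LDAPFilter is unset; \L is the login name.
    [ -n "$filter" ] || filter='(&(objectClass=posixAccount)(uid=\L))'
    filter=$(printf '%s' "$filter" | sed 's/\\L/'"$login"'/g')
    # -W prompts for LDAPBindPW so it never lands in shell history or ps output.
    # Assumption: subtree scope (-s sub) for the search below the base DN.
    printf "ldapsearch -x -H ldap://%s:%s -D '%s' -W -s sub -b '%s' '%s' dn\n" \
        "$server" "$port" "$binddn" "$base" "$filter"
}

# Constructed sample: the directives quoted in the first post, password omitted.
sample_conf=$(mktemp)
trap 'rm -f "$sample_conf"' EXIT
cat > "$sample_conf" <<'EOF'
LDAPServer localhost
LDAPPort  389
LDAPBaseDN cn=Users,dc=speranta,dc=eu
LDAPBindDN cn=Manager,dc=speranta,dc=eu
LDAPDefaultUID 500
LDAPDefaultGID 100
EOF

ldap_test_cmd "$sample_conf" danim                      # base DN as first posted
ldap_test_cmd "$sample_conf" danim 'dc=speranta,dc=eu'  # base DN after the fix
```

If the first printed command returns no entry and the second returns the user's DN, the account lies outside the configured `LDAPBaseDN`.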
