LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   vsftpd authentication against ldap users (https://www.linuxquestions.org/questions/linux-server-73/vsftpd-authentication-against-ldap-users-658697/)

haariseshu 07-28-2008 02:00 AM
vsftpd authentication against ldap users
 
Hi all,
I'm trying to make ny vsftpd againts ldap for vitualusers. All the user entries are putted in ldap. But while trying to login with vsftpd it's resulted with the following error:


[root@DIDEL_TCILS_MAIL01 ~]# ftp 192.168.117.27
Connected to 192.168.117.27.
220 Welcome to panafnet.com
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.117.27:root): vasuda [myusername as in ldap]
331 Please specify the password.
Password: [myuserpassword as in ldap]
500 OOPS: cannot locate user entry:vasuda
Login failed.
ftp>

-------------------------------
My /etc/pam.d/vsftpd file:

auth sufficient /lib/security/pam_ldap.so
auth required pam_unix2.so
account sufficient /lib/security/pam_ldap.so
account required pam_unix2.so
password sufficient /lib/security/pam_ldap.so
password required pam_unix2.so

/etc/pam.d/login file:

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so use_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_unix_passwd.so use_first_pass md5 shadow
session required /lib/security/pam_unix_session.so

/etc/pam.d/passwd file

auth include system-auth
account include system-auth
password include system-auth

slapd log

Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 ACCEPT from IP=192.168.117.27:54906 (IP=0.0.0.0:389)
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SRCH base="dc=panafnet,dc=com" scope=2 deref=0 filter="(uid=vasuda)"
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: slap_global_control: unrecognized control: 1.3.6.1.4.1.42.2.27.8.5.1
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=4 UNBIND
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 closed



If anybody can guess where i'm making mistake please guide me...

Thanks a lot...
-Hari.

tpe 01-27-2009 08:48 AM
Quote:
Originally Posted by haariseshu (Post 3228323)
Hi all,
I'm trying to make ny vsftpd againts ldap for vitualusers. All the user entries are putted in ldap. But while trying to login with vsftpd it's resulted with the following error:


[root@DIDEL_TCILS_MAIL01 ~]# ftp 192.168.117.27
Connected to 192.168.117.27.
220 Welcome to panafnet.com
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.117.27:root): vasuda [myusername as in ldap]
331 Please specify the password.
Password: [myuserpassword as in ldap]
500 OOPS: cannot locate user entry:vasuda
Login failed.
ftp>

-------------------------------
My /etc/pam.d/vsftpd file:

auth sufficient /lib/security/pam_ldap.so
auth required pam_unix2.so
account sufficient /lib/security/pam_ldap.so
account required pam_unix2.so
password sufficient /lib/security/pam_ldap.so
password required pam_unix2.so

/etc/pam.d/login file:

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_unix_auth.so use_first_pass
account sufficient /lib/security/pam_ldap.so
account required /lib/security/pam_unix_acct.so
password required /lib/security/pam_cracklib.so
password sufficient /lib/security/pam_ldap.so
password required /lib/security/pam_unix_passwd.so use_first_pass md5 shadow
session required /lib/security/pam_unix_session.so

/etc/pam.d/passwd file

auth include system-auth
account include system-auth
password include system-auth

slapd log

Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 ACCEPT from IP=192.168.117.27:54906 (IP=0.0.0.0:389)
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=0 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SRCH base="dc=panafnet,dc=com" scope=2 deref=0 filter="(uid=vasuda)"
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: slap_global_control: unrecognized control: 1.3.6.1.4.1.42.2.27.8.5.1
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 BIND dn="cn=vasuda,ou=Telemedicine,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=2 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND anonymous mech=implicit ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" method=128
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 BIND dn="cn=Manager,dc=panafnet,dc=com" mech=SIMPLE ssf=0
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=3 RESULT tag=97 err=0 text=
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 op=4 UNBIND
Jul 27 16:14:04 DIDEL_TCILS_DL01 slapd[1755]: conn=42 fd=14 closed



If anybody can guess where i'm making mistake please guide me...

Thanks a lot...
-Hari.
I have similar problems on RHEL5. Did you find any solution? If so, please post it.

narutoreplicate 03-03-2009 11:27 AM
Quote:
Originally Posted by tpe (Post 3422770)
I have similar problems on RHEL5. Did you find any solution? If so, please post it.
Same message, except to you now.


All times are GMT -5. The time now is 01:16 PM.