In short, I want a proftp server to authenticate against an LDAP server. I have configured one proftp server to do this and it works as butter. I have configured another one, in my opinion in exactly the same way, and it does not work.
All servers are up-to-date Debian.
For proftp, the proftp-ldap package is installed (i.e. proftp is precompiled with LDAP support).
For LDAP, openldap is configured and working fine.
The problem is that it looks to me like it does not even try to contact the LDAP server for user authentication: I have checked for outgoing packages with tcpdump in the direction of the LDAP server (tcpdump -n host Ip_ldap_server): nothing recorded!!!
I have no idea why it does not even try to connect to the LDAP server. Even less do I understand what I did on the other server to make it work .....
This is the proftpd.conf file:
Code:
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 off
ServerName "abc.cde.de"
ServerType standalone
DeferWelcome off
UseReverseDNS off
MultilineRFC2228 on
DefaultServer on
DefaultAddress 1.2.3.4
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"
DenyFilter \*.*/
# Port 21 is the standard FTP port.
Port 21
MaxInstances 30
# Set the user and group that the server normally runs at.
User proftpd
Group nogroup
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
PersistentPasswd off
LogFormat write "%t %h %l %u \"%r\" %s %b %T"
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
ExtendedLog /var/log/proftpd/xtendlog Read,Write,Auth write
#SyslogLevel warn
SyslogLevel debug
# User Settings
AuthUserFile /etc/proftpd/users.passwd
RootLogin off
CreateHome on dirmode 755
DefaultRoot ~
DeleteAbortedStores on
IdentLookups off
MaxClientsPerHost 5
MaxLoginAttempts 5
RequireValidShell off
RootRevoke off
TimesGMT off
<IfModule mod_tls.c>
TLSEngine off
</IfModule>
<IfModule mod_quota.c>
QuotaEngine on
</IfModule>
<IfModule mod_ratio.c>
Ratios on
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
#DelayEngine on
DelayEngine off
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>
<IfModule mod_ldap.c>
## Define the LDAP server to contact
LDAPServer 5.6.7.8:389
## Limit users to their web directory. Use an "ad hoc" search filter
## mplate" ]
LDAPDoAuth on "dc=aaa,dc=de" "(&(uid=%v)(objectclass=posixAccount))"
## LDAP Bind Directives
## Syntax -> LDAPDNInfo [ LDAPDNInfo "ldap-dn" "dn-password" ]
LDAPDNInfo "uid=bind,dc=aaa,dc=de" passwd
## Require that an incoming user can successfully bind to the LDAPServer.
LDAPAuthBinds on
## Look up UIDs and GIDs in the directory.
LDAPDoUIDLookups on "dc=aaa,dc=de"
LDAPSearchScope subtree
</IfModule>
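The posted configuration keeps every LDAP directive inside `<IfModule mod_ldap.c>`, and ProFTPD skips such a block without any error when the named module is not loaded. The following added example (not part of the original post) lists the directives that are silently dropped for a given `modules.conf`. It assumes a DSO build where modules are enabled by `LoadModule` lines; the `modules.conf` content is a constructed sample, and the function names are hypothetical.

```python
import re

# Constructed sample of /etc/proftpd/modules.conf (assumption: mod_ldap line commented out).
MODULES_CONF = """\
ModulePath /usr/lib/proftpd
LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
#LoadModule mod_ldap.c
LoadModule mod_quota.c
"""

# Excerpt of the proftpd.conf shown in the post.
PROFTPD_CONF = """\
Include /etc/proftpd/modules.conf
AuthUserFile /etc/proftpd/users.passwd
<IfModule mod_tls.c>
TLSEngine off
</IfModule>
<IfModule mod_ldap.c>
LDAPServer 5.6.7.8:389
LDAPDoAuth on "dc=aaa,dc=de" "(&(uid=%v)(objectclass=posixAccount))"
LDAPAuthBinds on
</IfModule>
"""

def loaded_modules(modules_conf):
    """Return the module names that have an active (uncommented) LoadModule line."""
    return {m.group(1) for line in modules_conf.splitlines()
            if (m := re.match(r"\s*LoadModule\s+(\S+)", line))}

def skipped_blocks(proftpd_conf, loaded):
    """Map each inactive <IfModule> condition to the directives it silently drops."""
    skipped, stack = {}, []  # stack entries: (condition label, block is active)
    for raw in proftpd_conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"<IfModule\s+(!?)([^>\s]+)\s*>", line, re.I)
        if m:  # "!" negates the condition: block is active when the module is absent
            negate, name = m.group(1) == "!", m.group(2)
            stack.append((m.group(1) + name, (name in loaded) != negate))
        elif re.match(r"</IfModule>", line, re.I):
            if stack:
                stack.pop()
        else:  # a directive is dropped if any enclosing block is inactive
            dead = next((label for label, active in stack if not active), None)
            if dead:
                skipped.setdefault(dead, []).append(line.split()[0])
    return skipped

if __name__ == "__main__":
    for cond, directives in skipped_blocks(PROFTPD_CONF, loaded_modules(MODULES_CONF)).items():
        print(f"<IfModule {cond}> is skipped; ignored directives: {', '.join(directives)}")
```

Modules compiled statically into the daemon need no `LoadModule` line, so compare the result with the output of `proftpd -l` before drawing a conclusion.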