'[Proftpd-user] Proftpd/Samba/PAM'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       proftpd-users
Subject:    [Proftpd-user] Proftpd/Samba/PAM
From:       "Barrett Conrad" <bconrad () chnola-research ! org>
Date:       2003-09-30 18:43:36
[Download RAW message or body]

Hi all. 

Ok, I have racked my brain on this one and read anything and everything that I can \
find.  

I am trying to configure a Linux ftp server that will authenticate users to a Windows \
domain.   The obvious configuration involved Proftpd/Samba/PAM.  

I think I have the Samba part down ok, since I can login into a shell as a domain \
member just fine, but once I try to use the same domain member as an ftp account, it \
fails. Using a normal user account lets me, so I know the ftp is working.  Everything \
seems to point me to problems between PAM and Proftpd. I've check log after log and \
nothing is very apparent. 

Thanks in advanced for all your help.

barrett.

My setup is as follows:
Mandrake 9.2rc2 (I know, I know.  But it works great other than this.)
Samba 2.2.8
Kernel 2.4.22
Proftpd 1.2.8

Here is my /etc/pam.d/ftp file

#%PAM-1.0
auth       required     /lib/security/pam_listfile.so item=user sense=deny \
file=/etc/ftpusers onerr=succeed #auth       required    /lib/security/pam_pwdb.so \
shadow nullok auth       sufficient   /lib/security/pam_winbind.so
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_shells.so
# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
#auth       required    /lib/security/pam_shells.so
account     sufficient  /lib/security/pam_winbind.so
account     required    /lib/security/pam_stack.so service=system-auth
session     required    /lib/security/pam_stack.so service=system-auth
#account    required    /lib/security/pam_pwdb.so
#session    required    /lib/security/pam_pwdb.so



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
ProFTPD Users List   <proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic