[prev in list] [next in list] [prev in thread] [next in thread]
List: proftpd-users
Subject: [Proftpd-user] Proftpd/Samba/PAM
From: "Barrett Conrad" <bconrad () chnola-research ! org>
Date: 2003-09-30 18:43:36
[Download RAW message or body]
Hi all.
Ok, I have racked my brain on this one and read anything and everything that I can \
find.
I am trying to configure a Linux ftp server that will authenticate users to a Windows \
domain. The obvious configuration involved Proftpd/Samba/PAM.
I think I have the Samba part down ok, since I can login into a shell as a domain \
member just fine, but once I try to use the same domain member as an ftp account, it \
fails. Using a normal user account lets me, so I know the ftp is working. Everything \
seems to point me to problems between PAM and Proftpd. I've check log after log and \
nothing is very apparent.
Thanks in advanced for all your help.
barrett.
My setup is as follows:
Mandrake 9.2rc2 (I know, I know. But it works great other than this.)
Samba 2.2.8
Kernel 2.4.22
Proftpd 1.2.8
Here is my /etc/pam.d/ftp file
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny \
file=/etc/ftpusers onerr=succeed #auth required /lib/security/pam_pwdb.so \
shadow nullok auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_shells.so
# If this is enabled, anonymous logins will fail because the 'ftp' user does
# not have a "valid" shell, as listed in /etc/shells.
#
# If you enable this, it is recommended that you do *not* give the 'ftp'
# user a real shell. Instead, give the 'ftp' user /bin/false for a shell and
# add /bin/false to /etc/shells.
#auth required /lib/security/pam_shells.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
#account required /lib/security/pam_pwdb.so
#session required /lib/security/pam_pwdb.so
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
ProFTPD Users List <proftpd-users@proftpd.org>
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic