
Re: using ldap with proftpd



It's now working, but not as I wish:

Prune wrote:
> 
> Hi,
> 
> I'm sorry to ask, but I can't find any doc about that..
> 
> I've just installed the last proftpd server compiled with mod_ldap (vers
> 2.7.6)
> I added to proftpd.conf:
> 
> LDAPServer                      localhost
> LDAPAuthBinds                   on
> LDAPDNInfo                      dc=lecentre,dc=net
> #LDAPPrefix                     "dc=lecentre,dc=net"
> LDAPDoAuth                      on "dc=lecentre,dc=net"
> 

I changed the LDAPDNInfo line to:

LDAPDNInfo		cn=manager, dc=lecentre, dc=net secret
(of course the pass is not the one I use :))

It's now working, but this is not what I want.
Isn't it possible to bind the user directly, without having to use the
manager account to do that?

Just for info, here is the access granted in OpenLDAP's slapd.conf:

access to dn=".*,ou=users,ou=lecentre.net,dc=lecentre,dc=net"
        by dn="cn=manager,dc=lecentre,dc=net" write
        by self write
        by anonymous auth
        by * none

Is this correct?

Prune

> When I try to log in to proftpd, here is what I get:
> 
> Jul 14 13:43:02 diamond slapd[379]: daemon: conn=579 fd=12 connection
> from IP=127.0.0.1:1717 (IP=0.0.0.0:389) accepted.
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=0 BIND
> dn="DC=LECENTRE,DC=NET" method=128
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=0 RESULT tag=97 err=0
> text=
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=1 SRCH
> base="dc=lecentre,dc=net" scope=2
> filter="(&(uid=stool)(objectClass=posixAccount))"
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=1 SEARCH RESULT tag=101
> err=0 text=
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=2 SRCH
> base="dc=lecentre,dc=net" scope=2
> filter="(&(uid=stool)(objectClass=posixAccount))"
> Jul 14 13:43:02 diamond slapd[379]: conn=579 op=2 SEARCH RESULT tag=101
> err=0 text=
> Jul 14 13:43:16 diamond slapd[379]: conn=579 op=3 UNBIND
> Jul 14 13:43:16 diamond slapd[379]: conn=-1 fd=12 closed
> Jul 14 13:43:16 diamond slapd[379]: daemon: conn=580 fd=12 connection
> from IP=127.0.0.1:1718 (IP=0.0.0.0:389) accepted.
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=0 BIND
> dn="DC=LECENTRE,DC=NET" method=128
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=0 RESULT tag=97 err=0
> text=
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=1 SRCH
> base="dc=lecentre,dc=net" scope=2
> filter="(&(uid=stool)(objectClass=posixAccount))"
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=1 SEARCH RESULT tag=101
> err=0 text=
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=2 SRCH
> base="dc=lecentre,dc=net" scope=2
> filter="(&(uid=stool)(objectClass=posixAccount))"
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=2 SEARCH RESULT tag=101
> err=0 text=
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=3 SRCH
> base="dc=lecentre,dc=net" scope=2
> filter="(&(uid=stool)(objectClass=posixAccount))"
> Jul 14 13:43:16 diamond slapd[379]: conn=580 op=3 SEARCH RESULT tag=101
> err=0 text=
> Jul 14 13:47:57 diamond slapd[379]: conn=-1 fd=12 closed
> 
> And this is my DN:
> 
> "uid=stool, ou=users, ou=lecentre.net, dc=lecentre,dc=net"
> 
> Then, uid=stool and userpassword is MD5 crypted.
> I also defined the attributes homedirectory, uidnumber and gidnumber.
> 
> Binds seem to be good, but then...
> 
> Where am I wrong?
> 
> Prune
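
Added example, not part of the original message: a small Python parser for slapd connection logs like the ones quoted above. It lists, per connection, which DNs were bound and which uids were searched for, and reports connections that looked up a login but never bound as that user. The sample lines are rebuilt from the quoted log with the mail line-wraps joined; the function names and the assumption that a user's DN starts with `uid=<login>,` (as in the poster's DN) belong to this example only.

```python
import re
from collections import defaultdict

# Sample lines rebuilt from the quoted log above (mail line-wraps joined).
SAMPLE = '''\
Jul 14 13:43:02 diamond slapd[379]: conn=579 op=0 BIND dn="DC=LECENTRE,DC=NET" method=128
Jul 14 13:43:02 diamond slapd[379]: conn=579 op=0 RESULT tag=97 err=0 text=
Jul 14 13:43:02 diamond slapd[379]: conn=579 op=1 SRCH base="dc=lecentre,dc=net" scope=2 filter="(&(uid=stool)(objectClass=posixAccount))"
Jul 14 13:43:02 diamond slapd[379]: conn=579 op=1 SEARCH RESULT tag=101 err=0 text=
Jul 14 13:43:16 diamond slapd[379]: conn=579 op=3 UNBIND
'''

OP = re.compile(r'conn=(\d+) op=(\d+) (BIND|SRCH|UNBIND)(.*)')
DN = re.compile(r'dn="([^"]*)"')
UID = re.compile(r'\(uid=([^)]*)\)')

def summarize(log_text):
    """Return {conn: {'binds': [dn, ...], 'uids': [uid, ...]}} in log order."""
    conns = defaultdict(lambda: {'binds': [], 'uids': []})
    for line in log_text.splitlines():
        m = OP.search(line)
        if not m:
            continue  # RESULT / accept / close lines carry no DN or filter
        conn, _op, verb, rest = m.groups()
        if verb == 'BIND':
            dn = DN.search(rest)
            # slapd logs the normalized (upper-cased) DN; compare in lower case
            conns[int(conn)]['binds'].append(dn.group(1).lower() if dn else '')
        elif verb == 'SRCH':
            uid = UID.search(rest)
            if uid and uid.group(1) not in conns[int(conn)]['uids']:
                conns[int(conn)]['uids'].append(uid.group(1))
    return dict(conns)

def lookups_without_user_bind(log_text):
    """Connections that searched for a uid but never bound as a DN naming it."""
    out = []
    for conn, info in summarize(log_text).items():
        for uid in info['uids']:
            # Assumption: user entries are named uid=<login>,... as in the post
            if not any(dn.startswith('uid=%s,' % uid.lower()) for dn in info['binds']):
                out.append((conn, uid, info['binds']))
    return out

if __name__ == '__main__':
    for conn, uid, binds in lookups_without_user_bind(SAMPLE):
        print('conn=%d looked up uid=%s; binds seen: %s' % (conn, uid, binds))
```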