![]() I tried the debug mode ('proftpd -n -d 10') and it's working: 14:56:51,051 mod_ldap/2.9.5: generated filter DC=domain,DC=local from template DC=domain,DC=local and value ftpuser1 14:54:19,638 mod_ldap/2.9.5: bind as DN 'CN=myuser,CN=Users,DC=domain,DC=local' failed for 'ldaps://x.x.x.x/?sub': Can't contact LDAP server 14:54:19,632 mod_ldap/2.9.5: generated filter (&(sAMAccountName=ftpuser1)(objectclass=user)(memberOf=CN=FTP Users,CN=Users,DC=domain,DC=local)) from template (&(sAMAccountName=%u)(objectclass=user)(memberOf=CN=FTP Users,CN=Users,DC=domain,DC=local)) and value ftpuser1 14:54:19,631 mod_ldap/2.9.5: generated filter DC=domain,DC=local from template DC=domain,DC=local and value ftpuser1 14:54:19,629 mod_ldap/2.9.5: bind as DN 'CN=myuser,CN=Users,DC=domain,DC=local' failed for 'ldaps://x.x.x.x/?sub': Can't contact LDAP server ![]() 14:54:19,618 mod_ldap/2.9.5: generated filter (&(sAMAccountName=ftpuser1)(objectclass=user)(memberOf=CN=FTP Users,CN=Users,DC=domain,DC=local)) from template (&(sAMAccountName=%u)(objectclass=user)(memberOf=CN=FTP Users,CN=Users,DC=domain,DC=local)) and value ftpuser1 When service is running (running as proftpd/nogroup), authentication is not working: 14:54:19,616 mod_ldap/2.9.5: generated filter DC=domain,DC=local from template DC=domain,DC=local and value ftpuser1 LDAPUsers "DC=domain,DC=local" "(&(sAMAccountName=%u)(objectclass=user)(memberOf=CN=FTP Users,CN=Users,DC=domain,DC=local))" LDAPBindDN "CN=myuser,CN=Users,DC=domain,DC=local" "password" Ii proftpd-mod-ldap 1.3.7a+dfsg-12+deb11u2 amd64 Versatile, virtual-hosting FTP daemon - LDAP module Ii proftpd-mod-crypto 1.3.7a+dfsg-12+deb11u2 amd64 Versatile, virtual-hosting FTP daemon - TLS/SSL/SFTP modules Ii proftpd-core 1.3.7a+dfsg-12+deb11u2 amd64 Versatile, virtual-hosting FTP daemon - binaries ProFTPd version : # dpkg -l | grep proftpd ![]() I managed to get it working using simple LDAP on port 389 and now I would like to increase security! I'm trying to authenticate my FTP users from Active Directory using LDAPS over SSL (port 636).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |