Solved

PROFTPD - Login only to users under a specific group in AD 2003 - LDAP

Posted on 2011-09-30
Last Modified: 2013-12-02
Hi people,

I can successfully log in through LDAP if the user is in: "CN=Users,DC=xxxx,DC=xxxx,DC=br".

But if it is set up to look in "CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br" I cannot! And surely this user is in this group.

I got "no entries for filter sAMAccountname=tbsoares under base DN CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br" but as you can see in the image below, the user is there.

http://postimage.org/image/ykh5zdyc/

Sep 30 11:13:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): FTP session opened.
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'USER tbsoares' to mod_core
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'USER tbsoares' to mod_core
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'USER tbsoares' to mod_delay
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'USER tbsoares' to mod_auth
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: not unbinding to an already unbound connection.
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: not unbinding to an already unbound connection.
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching CMD command 'USER tbsoares' to mod_auth
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching POST_CMD command 'USER tbsoares' to mod_delay
Sep 30 11:13:36 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching LOG_CMD command 'USER tbsoares' to mod_log
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'PASS (hidden)' to mod_core
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: not unbinding to an already unbound connection.
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: not unbinding to an already unbound connection.
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching CMD command 'PASS (hidden)' to mod_auth
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: generated filter CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br from template CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br and value tbsoares
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: generated filter sAMAccountname=tbsoares from template sAMAccountname=%u and value tbsoares
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: attempting connection to ldap://XXX.xx.xx.xx:389/
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: set protocol version to 3
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: connected to ldap://XXX.xx.xx.xx:389/
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: successfully bound as CN=proftp,CN=Users,DC=xxxx,DC=xxxx,DC=br with password N3tm4k3r
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: set dereferencing to 0
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: set query timeout to 5s
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: searched under base DN CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br using filter sAMAccountname=tbsoares
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: no entries for filter sAMAccountname=tbsoares under base DN CN=G_FTP,CN=Users,DC=xxxx,DC=xxxx,DC=br
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): USER tbsoares: no such user found from 10.1.2.25 [10.1.2.25] to XXX.xx.xx.xx:21
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching POST_CMD_ERR command 'PASS (hidden)' to mod_delay
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_log
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching LOG_CMD_ERR command 'PASS (hidden)' to mod_auth
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'SYST' to mod_core
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching PRE_CMD command 'SYST' to mod_core
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching CMD command 'SYST' to mod_core
Sep 30 11:13:37 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): dispatching LOG_CMD command 'SYST' to mod_log
Sep 30 11:18:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): Login timeout exceeded, disconnected
Sep 30 11:18:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): Session timed out, disconnected
Sep 30 11:18:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: successfully unbound
Sep 30 11:18:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): mod_ldap/2.8.22: not unbinding to an already unbound connection.
Sep 30 11:18:34 hortela proftpd[17660] XXX.xx.xx.xx (10.1.2.25[10.1.2.25]): FTP session closed.


Thanks in advance!

Tiago.
Question by:tbsoares
2 Comments
 

Accepted Solution

by:
dbauermann earned 2000 total points
ID: 37002545
Tiago, please excuse my "so-so" English; I will only answer in this language to keep the answer useful for other readers...

Did you try to use only "CN=G_FTP,DC=xxxx,DC=xxxx,DC=br"?
 

Author Comment

by:tbsoares
ID: 37019618
Hey, no problem!

It only works if I put the users in the OU called G_FTP, but not in the group with this name...
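
Why the search under the group DN returns nothing while the OU works, as an added example that is not part of the original thread: an LDAP subtree search only returns entries whose DN sits below the base DN, and a group's members are listed in its `member` attribute rather than stored beneath it. The directory contents, the `DC=example` suffix and the helper names are constructed for illustration.

```python
# Constructed directory (not from the thread): DN -> attributes.
USERS = "CN=Users,DC=example,DC=br"
GROUP = "CN=G_FTP,CN=Users,DC=example,DC=br"
TBSOARES = "CN=tbsoares,CN=Users,DC=example,DC=br"

DIRECTORY = {
    USERS: {"objectClass": ["container"]},
    # The group is a leaf entry: it references its members, it does not contain them.
    GROUP: {"objectClass": ["group"], "member": [TBSOARES]},
    TBSOARES: {
        "objectClass": ["user"],
        "sAMAccountName": ["tbsoares"],
        "memberOf": [GROUP],  # back-link to the group
    },
    "CN=other,CN=Users,DC=example,DC=br": {
        "objectClass": ["user"],
        "sAMAccountName": ["other"],
        "memberOf": [],
    },
}


def in_subtree(dn, base):
    """True if dn is the base entry itself or sits below it in the tree."""
    dn, base = dn.lower(), base.lower()
    return dn == base or dn.endswith("," + base)


def search(base, required):
    """Subtree search; every attr=value pair in `required` must match (AND filter)."""
    hits = []
    for dn, attrs in DIRECTORY.items():
        if not in_subtree(dn, base):
            continue  # outside the search base: never returned, whatever the filter
        if all(value.lower() in [v.lower() for v in attrs.get(attr, [])]
               for attr, value in required.items()):
            hits.append(dn)
    return hits


# The failing setup from the log: group DN used as the search base.
as_posted = search(GROUP, {"sAMAccountName": "tbsoares"})
# Users container as base, group membership expressed in the filter instead.
by_member_of = search(USERS, {"sAMAccountName": "tbsoares", "memberOf": GROUP})
# A user outside the group is rejected by the same filter.
non_member = search(USERS, {"sAMAccountName": "other", "memberOf": GROUP})
```

Against a real directory the second query corresponds to keeping the users' container as the base DN and using a filter template of the form `(&(sAMAccountName=%u)(memberOf=<group DN>))`. In Active Directory, `memberOf` does not reflect nested groups or the user's primary group.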