# AD, PAM and vsftp [Solved]

## aridhol

I'm trying to set up an ftp-server with Active Directory authentication of users.

I have set up the connection with AD so far that I can use `getent passwd`. I do not want to use AD-logins on the server or any other way of login but ftp. I tried with ProFTPd first, but according to this howto that won't work. Not with PAM anyway.

I have 0 experience with PAM, Samba or vsftp, so this is proving quite a learning experience.

Here are my configs:

 */etc/pam.d/ftp wrote:*   

> auth required pam_listfile.so item=user sense=allow file=/etc/ftpusers onerr=succeed
> 
> auth sufficient pam_winbind.so
> 
> auth required pam_stack.so service=system-auth
> ...

 

 */etc/vsftp/vsftp.conf wrote:*   

> 
> 
> background=YES
> 
> listen=YES
> ...

 

When I try to log in I get this in my logs:

 */var/log/messages wrote:*   

> May 11 10:24:49 TaDaLap vsftpd: PAM-listfile: Refused user EUIT+teacher for service ftp
> 
> May 11 10:24:49 TaDaLap pam_winbind[14073]: user 'EUIT+teacher' granted access
> 
> May 11 10:24:49 TaDaLap ftp(pam_unix)[14073]: check pass; user unknown
> ...

 

Any help would be greatly appreciated.

----------

## aridhol

Uncommented the references to service=system-auth, and now I get:

 */var/log/messages wrote:*   

> May 11 12:09:09 TaDaLap vsftpd: PAM-listfile: Refused user EUIT\teacher for service ftp
> 
> May 11 12:09:09 TaDaLap pam_winbind[14278]: request failed: No such user, PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER
> 
> May 11 12:09:11 TaDaLap vsftpd: PAM-listfile: Refused user EUIT+teacher for service ftp
> ...

 

Test above with wrong username with \ and a correct username with + (as specified in smb.conf)

----------

## aridhol

Removed the first line in ftp.conf and got in.

Now working on getting quotas to work

----------
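An added example, not part of the original posts: a small Python model of how Linux-PAM walks the three quoted `auth` lines, showing why the failed `required` pam_listfile check still denies the login after pam_winbind grants access, and why the login works once that line is gone. Module results, the contents of `/etc/ftpusers` and the user sets are constructed assumptions, and only the visible lines of the stack are modelled.

```python
# Added example: simplified model of "required"/"sufficient" handling in
# Linux-PAM for the auth lines quoted in the thread. Results are simulated.
STACK = """\
auth required pam_listfile.so item=user sense=allow file=/etc/ftpusers onerr=succeed
auth sufficient pam_winbind.so
auth required pam_stack.so service=system-auth
"""
# Constructed sample data (assumptions, not taken from the thread).
FILES = {"/etc/ftpusers": {"root", "bin"}}
WINBIND_USERS = {"EUIT+teacher"}
LOCAL_USERS = {"root"}

def parse(text):
    """Return (control, module, {option: value}) for each auth line."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] != "auth":
            continue
        opts = dict(f.split("=", 1) for f in fields[3:] if "=" in f)
        rules.append((fields[1], fields[2], opts))
    return rules

def listfile_ok(opts, user, files):
    """pam_listfile item=user: sense=allow passes only users in the file."""
    listed = files.get(opts["file"])
    if listed is None:  # file cannot be read: onerr decides
        return opts.get("onerr", "fail") == "succeed"
    return (user in listed) == (opts["sense"] == "allow")

def authenticate(rules, user, files=FILES):
    """Walk the stack; return (granted, modules_run)."""
    failed, succeeded, ran = False, False, []
    for control, module, opts in rules:
        ran.append(module)
        if module == "pam_listfile.so":
            ok = listfile_ok(opts, user, files)
        elif module == "pam_winbind.so":
            ok = user in WINBIND_USERS
        else:  # pam_stack -> system-auth, modelled as a local account check
            ok = user in LOCAL_USERS
        if control == "required":
            failed, succeeded = failed or not ok, succeeded or ok
        elif control == "sufficient" and ok and not failed:
            return True, ran  # ends the stack only if no required module failed
    return (succeeded and not failed), ran

if __name__ == "__main__":
    print(authenticate(parse(STACK), "EUIT+teacher"))      # original stack
    print(authenticate(parse(STACK)[1:], "EUIT+teacher"))  # first line removed
```

With the listfile line removed, the only check left on an AD account in this model is pam_winbind, so every account winbind accepts can log in over FTP; keeping the line and listing the permitted users in the file preserves the restriction.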

