Mail Archives: cygwin/2003/08/11/09:43:11
Hi Jason, thanks for the response.
OK - here's the scoop.
*** I GOT IT WORKING with domain authentication ***
After doing an strace, I found that proftpd could not validate a home
directory via UNC conventions.
In the domain enviroment I'm working on, the domain account I'm using for
testing has it's *home* directory
on a network shared resource - and mkpasswd -d -u loginname created an
entry with the home
directory set to //servername/users/loginname. proftpd could *not*
validate this and therefore
exited without attempting any further authentication. Once I changed the
home directory setting in
passwd to /home/loginname the domain login succeeded.
On a further note, I was able to get the SYSTEM id working for proftpd.
Turns out proftpd is HYPER
sensitve to the permissions-owner-group settings for the /var directory
tree. I resolved this by doing
chown -R SYSTEM:Administrators /var
That essentially fixed it.
Futhermore, it was *not* necessary to have to provide any further user
rights to the SYSTEM id.
It is working in "inetd" mode.
Brian Kelly
"Jason Tishler" <jason AT tishler DOT net>@cygwin.com on 08/11/2003 07:10:45 AM
Sent by: cygwin-owner AT cygwin DOT com
To: cygwin AT cygwin DOT com
cc: (bcc: Brian Kelly/WTC1/Empire)
Subject: Re: proftpd issues
Brian,
On Sat, Aug 09, 2003 at 09:12:57AM -0400, Brian Kelly wrote:
> I'm sorry Igor, I'm not giving you enough info. proftpd is being
> called from xinetd which itself is being launched via init. *telnet*
> works fine and authenticates BOTH local and domain ID's. So that
> *should* - correct me if I'm wrong - eliminate the passwd and group
> file entries as culprits. Especially since I'm using the very same
> domain ID for my testing.
Does /var/log/ProFTPD.log indicated anything interesting when
authentication fails. Can you strace the problem? What happens when
you run proftpd in stand-alone mode -- not under xinetd?
> Furthermore, if I change the ftp daemon to the one supplied with
> inetutils, Domain authentication works again.
FWIW, the authentication code in proftpd was copied from inetutils's
ftpd.
Jason
--
PGP/GPG Key: http://www.tishler.net/jason/pubkey.asc or key servers
Fingerprint: 7A73 1405 7F2B E669 C19D 8784 1AFD E4CC ECF4 8EF6
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
"WellChoice, Inc." made the following
annotations on 08/11/2003 09:45:14 AM
------------------------------------------------------------------------------
Attention! This electronic message contains information that may be legally
confidential and/or privileged. The information is intended solely for the
individual or entity named above and access by anyone else is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution,
or use of the contents of this information is prohibited and may be unlawful.
If you have received this electronic transmission in error, please reply
immediately to the sender that you have received the message in error, and
delete it. Release/Disclosure Statement
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -