1 (edited by siddartha.g 2011-07-13 16:56:36)

Topic: [SOLVED] Problem with pure-ftpd integration.

Hi,
I have followed the tutorial below to integrate my iredmail-0.7.2 server with pure-ftpd (on Ubuntu 10.04.2 LTS).

http://www.iredmail.org/wiki/index.php? … DAP/Ubuntu

Everything works fine until the Testing section of the tutorial. When I try to log in with lftp as "user4" (created using the create_mail_user_OpenLDAP.sh script, which I modified according to my needs), it shows an error like "authentication is failed".
Please help me.

Regards
siddartha.g


2

Re: [SOLVED] Problem with pure-ftpd integration.

Could you please post whole debug log?

3

Re: [SOLVED] Problem with pure-ftpd integration.

ZhangHuangbin wrote:

Could you please post whole debug log?

I am sorry for asking,
could you please tell me where I can find the debug log?


Regards
siddartha.g

4

Re: [SOLVED] Problem with pure-ftpd integration.

Post testing log, same as here:
http://www.iredmail.org/wiki/index.php? … tu#Testing

Also, verbose server log of pure-ftpd:
http://www.iredmail.org/wiki/index.php? … leshooting

5

Re: [SOLVED] Problem with pure-ftpd integration.

Testing log
---- Connecting to localhost (::1) port 21
<--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
<--- 220-You are user number 1 of 50 allowed.
<--- 220-Local time is now 17:31. Server port: 21.
<--- 220-This is a private system - No anonymous login
<--- 220 You will be disconnected after 15 minutes of inactivity.
<--- 211-Extensions supported:
<---  EPRT
<---  IDLE
<---  MDTM
<---  SIZE
<---  REST STREAM
<---  MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
<---  MLSD
<---  AUTH TLS
<---  PBSZ
<---  PROT
<---  UTF8
<---  TVFS
<---  ESTA
<---  PASV
<---  EPSV
<---  SPSV
<---  ESTP
<--- 211 End.
<--- 500 This security scheme is not implemented
<--- 200 OK, UTF-8 enabled
<--- 200  MLST OPTS type;size;sizd;modify;UNIX.mode;UNIX.uid;UNIX.gid;unique;
<--- 331 User user3@xyz.com OK. Password required
<--- 530 Login authentication failed
ls: Login failed: 530 Login authentication failed
<--- 530 You aren't logged in
<--- 221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
<--- 221 Logout.


domain name changed to xyz.com here.

Regards
siddartha.g

6

Re: [SOLVED] Problem with pure-ftpd integration.

Jul 14 17:31:29 server slapd[31293]: conn=1023 fd=18 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi)
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" method=128
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" mech=SIMPLE ssf=0
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=0 RESULT tag=97 err=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=1 SRCH base="dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=_pure-ftpd))"
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=2 SRCH base="dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=pure-ftpd))"
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Jul 14 17:31:29 server slapd[31293]: conn=1023 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1024 fd=41 ACCEPT from IP=[::1]:51777 (IP=[::]:389)
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=0 BIND dn="cn=vmail,dc=xyz,dc=com" method=128
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=0 BIND dn="cn=vmail,dc=xyz,dc=com" mech=SIMPLE ssf=0
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=0 RESULT tag=97 err=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SRCH base="o=domains,dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=PureFTPdUser)(mail=user3@xyz.com)(FTPStatus=enabled))"
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SRCH attr=FTPHomeDir  # <- This is new attribute, we will add it uidNumber FTPuid gidNumber FTPgid userPassword loginShell FTPStatus FTPQuotaFiles FTPQuotaMBytes FTPDownloadRatio FTPUploadRatio FTPDownloadBandwidth FTPUploadBandwidth
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=2 UNBIND
Jul 14 17:31:29 server slapd[31293]: conn=1024 fd=41 closed
Jul 14 17:31:29 server slapd[31293]: conn=1025 fd=41 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi)
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" method=128
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" mech=SIMPLE ssf=0
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=0 RESULT tag=97 err=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=1 SRCH base="dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=user3@xyz.com))"
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=1 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
FROM /var/log/openldap.log
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=2 SRCH base="dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=posixAccount)(uid=user3@xyz.com))"
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1026 fd=42 ACCEPT from PATH=/var/run/slapd/ldapi (PATH=/var/run/slapd/ldapi)
Jul 14 17:31:29 server slapd[31293]: conn=1026 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" method=128
Jul 14 17:31:29 server slapd[31293]: conn=1026 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" mech=SIMPLE ssf=0
Jul 14 17:31:29 server slapd[31293]: conn=1026 op=0 RESULT tag=97 err=0 text=
Jul 14 17:31:29 server slapd[31293]: conn=1026 op=1 SRCH base="dc=xyz,dc=com" scope=2 deref=0 filter="(uid=user3@xyz.com)"
Jul 14 17:31:29 server slapd[31293]: conn=1026 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jul 14 17:31:32 server slapd[31293]: conn=1026 op=2 UNBIND
Jul 14 17:31:32 server slapd[31293]: conn=1026 fd=42 closed
Jul 14 17:31:32 server slapd[31293]: connection_read(42): no connection!
Jul 14 17:31:32 server slapd[31293]: connection_read(42): no connection!
Jul 14 17:31:37 server slapd[31293]: conn=1025 fd=41 closed (connection lost)
Jul 14 17:31:37 server slapd[31293]: connection_read(41): no connection!
Jul 14 17:31:37 server slapd[31293]: connection_read(41): no connection!
Jul 14 17:31:37 server slapd[31293]: conn=1023 fd=18 closed (connection lost)
Jul 14 17:31:37 server slapd[31293]: connection_read(18): no connection!
Jul 14 17:31:37 server slapd[31293]: connection_read(18): no connection!
Jul 14 17:32:21 server slapd[31293]: conn=1027 fd=18 ACCEPT from IP=[::1]:51778 (IP=[::]:389)
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" method=128
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=0 BIND dn="cn=Manager,dc=xyz,dc=com" mech=SIMPLE ssf=0
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=0 RESULT tag=97 err=0 text=
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)"
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=1 SRCH attr=supportedControl
Jul 14 17:32:21 server slapd[31293]: conn=1027 op=1 SEARCH RESULT tag=101 err=0 nentries=1

And I am unable to find any logs in /var/log/pure-ftpd/pureftpd.log (it is empty).


Regards
siddartha.g

7

Re: [SOLVED] Problem with pure-ftpd integration.

siddartha.g wrote:

Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SRCH base="o=domains,dc=xyz,dc=com" scope=2 deref=0 filter="(&(objectClass=PureFTPdUser)(mail=user3@xyz.com)(FTPStatus=enabled))"
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SRCH attr=FTPHomeDir  # <- This is new attribute, we will add it uidNumber FTPuid gidNumber FTPgid userPassword loginShell FTPStatus FTPQuotaFiles FTPQuotaMBytes FTPDownloadRatio FTPUploadRatio FTPDownloadBandwidth FTPUploadBandwidth
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=

This LDAP query returns one user (nentries=1).

I'm afraid that you'd better post all pureftpd settings here. (REMOVE/hide sensitive information before posting)

8

Re: [SOLVED] Problem with pure-ftpd integration.

Thank you for your kind reply, Zhang.
What exactly do you want me to post?
I am sorry if I am asking newbie questions.


Regards
siddartha.g

9

Re: [SOLVED] Problem with pure-ftpd integration.

siddartha.g wrote:

What exactly do you want me to post?

Sorry, I mean all settings under /etc/pure-ftpd/conf/ and the file /etc/pure-ftpd/db/ldap.conf.

10 (edited by siddartha.g 2011-07-15 17:03:00)

Re: [SOLVED] Problem with pure-ftpd integration.

Zhang, it's working from localhost, but when trying to connect from another PC it is not working.
Can I post logs or config files? Please clarify again.

Please clarify another doubt of mine:
can't we create and delete accounts using iRedAdmin?
I tried to create an account from iRedAdmin; it was created, but the account is not able to log in to FTP (at the same time, the user created by the create_mail_user_OpenLDAP.sh script logs in easily).
And I tried to delete the user that was created by the create_mail_user_OpenLDAP.sh script; it was successfully deleted, but the folder created under the /home/ftp directory was not deleted automatically.
In the same manner, I changed the password from iRedAdmin for the user created by the create_mail_user_OpenLDAP.sh script; it works fine and I am able to log in with the new password.

Once again I am very much thankful for spending your precious time, I would like to appreciate your great efforts.

Regards
siddartha.g

11

Re: [SOLVED] Problem with pure-ftpd integration.

Configuration files under /etc/pure-ftpd/conf/
There are 4 files in this directory:
1. ChrootEveryone -> yes
2. CreateHomeDir -> yes
3. DontResolve -> yes
4. LDAPConfigFile -> /etc/pure-ftpd/db/ldap.conf

The /etc/pure-ftpd/db/ldap.conf file consists of:


#############################################
#                                           #
# Sample Pure-FTPd LDAP configuration file. #
# See README.LDAP for explanations.         #
#                                           #
#############################################


# Optional : name of the LDAP server. Default : localhost

LDAPServer localhost


# Optional : server port. Default : 389

LDAPPort   389


# Mandatory : the base DN to search accounts from. No default.

LDAPBaseDN o=domains,dc=xyz,dc=com


# Optional : who we should bind the server as.
#            Default : binds anonymously or binds as FTP users

LDAPBindDN cn=vmail,dc=xyz,dc=com


# Password if we don't bind anonymously
# This configuration file should be only readable by root

LDAPBindPW cARIzefmBEjIsFqFO1LvTo5HCNXrCT
# Optional : default UID, when there's no entry in an user object

LDAPDefaultUID 1000


# Optional : default GID, when there's no entry in an user object

LDAPDefaultGID 1000


# Filter to use to find the object that contains user info
# \L is replaced by the login the user is trying to log in as
# The default filter is (&(objectClass=posixAccount)(uid=\L))

# LDAPFilter (&(objectClass=posixAccount)(uid=\L))
LDAPFilter (&(objectClass=PureFTPdUser)(mail=\L)(FTPStatus=enabled))


# Attribute to get the home directory
# Default is homeDirectory (the standard attribute from posixAccount)

# LDAPHomeDir homeDirectory
LDAPHomeDir FTPHomeDir  # <- This is new attribute, we will add it


# LDAP protocol version to use
# Version 3 (default) is mandatory with recent releases of OpenLDAP.

LDAPVersion 3


# Optional: use TLS to connect to the LDAP server
# LDAPUseTLS  True


# Can be PASSWORD or BIND.
# PASSWORD retrieves objects and checks against the userPassword attribute
# BIND tries to bind
LDAPAuthMethod PASSWORD

Regards
siddartha.g

12

Re: [SOLVED] Problem with pure-ftpd integration.

siddartha.g wrote:

# LDAPHomeDir homeDirectory
LDAPHomeDir FTPHomeDir  # <- This is new attribute, we will add it

Is text marked in red in your config file? It's not expected to be there.

13

Re: [SOLVED] Problem with pure-ftpd integration.

It is working after deleting the text.
Thank you so much Zhang

Regards
siddartha.g
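
The root cause found in this thread, as an added example that is not part of the original posts or of iRedMail/pure-ftpd: a trailing `# ...` note on a directive line in ldap.conf ended up inside the value, which is why the slapd log shows the comment text in the `SRCH attr=` list. The function names and the sample inputs below are constructed for illustration, and the check assumes everything after the directive name is taken as its value.

```python
import re

# Constructed sample mirroring the config lines posted in this thread.
SAMPLE_CONF = """\
# Attribute to get the home directory
# LDAPHomeDir homeDirectory
LDAPHomeDir FTPHomeDir  # <- This is new attribute, we will add it
LDAPVersion 3
LDAPFilter (&(objectClass=PureFTPdUser)(mail=\\L)(FTPStatus=enabled))
"""

# Constructed sample of slapd log lines in the format shown in this thread.
SAMPLE_LOG = """\
Jul 14 17:31:29 server slapd[31293]: conn=1024 op=1 SRCH attr=FTPHomeDir  # <- This is new attribute, we will add it uidNumber FTPuid
Jul 14 17:31:29 server slapd[31293]: conn=1025 op=1 SRCH attr=uid userPassword uidNumber
"""

def find_inline_comments(conf_text):
    """Return (line_no, directive, value) for directive lines with a trailing '# ...' note."""
    hits = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment: nothing to check
        parts = line.split(None, 1)
        directive = parts[0]
        value = parts[1].strip() if len(parts) > 1 else ""
        # Require whitespace before '#', so a value that merely contains
        # '#' (for example a bind password) is not flagged.
        if re.search(r"\s#", value):
            hits.append((no, directive, value))
    return hits

def find_polluted_searches(log_text):
    """Return conn ids of slapd 'SRCH attr=' lines whose attribute list contains '#'."""
    pat = re.compile(r"conn=(\d+) op=\d+ SRCH attr=(.*)$")
    conns = []
    for line in log_text.splitlines():
        m = pat.search(line)
        if m and "#" in m.group(2):
            conns.append(int(m.group(1)))
    return conns

if __name__ == "__main__":
    for no, directive, value in find_inline_comments(SAMPLE_CONF):
        print(f"line {no}: {directive} value includes comment text: {value!r}")
    print("polluted searches on conn:", find_polluted_searches(SAMPLE_LOG))
```
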