Subscribe
Accepted Solution

Enabling FTP on vfiler which is part of active directory domain

Hi,

I wanted to enable anonymous FTP on vfiler which is a part of windows 2003 active directory domain. This volume which I have enabled is a snapmirror volume and its acting as a read only cifs share. I followed the steps below but it does not work

1) Enable the FTP on Vfiler.

2) Enable the anonymous access.

3) Enabled the ftpd.anonymous.home_dir to the CIFS path

4) I have edited the usermap.cfg to map the NT user to unix user FTP ( xxx\kumaresan => ftp)

5) Now when i logging I get following error messages ( Response:     530 Login incorrect - User has no home directory)

6) Every other options in FTP is set to its default Value

I enabled the CIFS tracing enabled on the filer and I could see the maping works

Mon Dec 19 16:26:42 IST [xxxxx@xxxx1: auth.trace.authenticateUser.loginTraceIP:info]: AUTH: Login attempt by user kumaresan of domain xxxx from client machine x.x.x.x (Unknown).

Mon Dec 19 16:26:42 IST [xxxxx@xxxx1: auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- attempting authentication with domain controller \\xxxxx

Mon Dec 19 16:26:42 IST [xxxxx@xxxx1: auth.trace.authenticateUser.loginTraceMsg:info]: AUTH: User from x.x.x.x authenticated by DC.

Mon Dec 19 16:26:42 IST [xxxxx@xxxx1: auth.trace.mapNTToUnix:info]: AUTH: Mapping Windows user kumaresan to Unix user ftp.

If I create a user with exact same name as like in windows 2003 and with same pasword like domain credentials and edit the /etc/cifshomedir.cfg with the path of cifs share directory I am able to login fine . The problem is that we have many user who would be loggin to this directory to copy files from it .

If I have a controller which is not part of domain and enable the anonymous FTP with same cifs share path it works fine and I am able to browse the files . Since the NTLM auth mode is enabled the Local user doesnot work.

Not sure what I am doing wrong here . Any help on this would be appriciated

Thanks & Regards

Kumaresan




Re: Enabling FTP on vfiler which is part of active directory domain

I resolved this issue myself by using

options ftpd.dir.override

set this to same as options ftpd.anonymous.home_dir

Regards

Kumaresan

Re: Enabling FTP on vfiler which is part of active directory domain

sweet! thanks for the update!