[Samba] samba4 + ftp

Nico Kadel-Garcia nkadel at gmail.com
Tue Nov 12 17:30:16 MST 2013

Account management through LDAP is not usually necessary for FTP
access to a shared resource. Kerberized authentication is really all
that's needed for common resources.

The big problem, and why you *SHOULD NOT USE AD/Samba FOR FTP UNDER
ANY CIRCUMSTANCES", is that FTP is in clear-text. The passwords and
account names can be, and often are, sniffed by crackers even on
rootkitted machines that happen to be plugged into your network. There
are half a dozen better technologies, like FTPS and SFTP, compatible
with most modern FTP clients,  that can do a much more secure job of
this. Heck, even WebDAV over HTTPS is directly supported by most
browsers these days, and can be set up for upload, download, and
varous group privileges.

Don't use FTP anymore except for publicly shared access or passwords
and account names you really and truly do not care about being stolen.

On Tue, Nov 12, 2013 at 2:38 PM, Marc Muehlfeld <samba at marc-muehlfeld.de> wrote:
> Hello Darek,
> Am 12.11.2013 13:49, schrieb Darek Frączkiewicz:
>> I have debian 7 + samba4 as DC in my school. I would like to install FTP
>> server, too,  but I can't configure ftp server (vsftpd or proftpd) to
>> logging via samba4 accounts. I have Login incorect.
>> Please help
> I think this is what you're looking for:
> http://wiki.samba.org/index.php/Authenticating_other_services_against_AD#Authentication_against_AD
> Regards,
> Marc
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list