[Samba] getting error Ignoring parameter browse directory and winbind sequence directory
VigneshDhanraj G
vigneshdhanraj.g at gmail.com
Mon Oct 12 15:13:25 UTC 2015
Even basic authentication is not working. which works on 4.0.25 after
upgrade it fails. i uses same proftpd.conf same as yours. my /etc/pam.d/ftp
is
auth sufficient /lib/security/pam_smbpass.so
account required /lib/security/pam_nologin.so
account required /lib/security/pam_smbpass.so
password required /lib/security/pam_smbpass.so
session required /lib/security/pam_unix.so
after i disabled AD connection. Basic authentication also fails.
On Mon, Oct 12, 2015 at 4:14 PM, Rowland Penny <rowlandpenny241155 at gmail.com
> wrote:
> On 12/10/15 08:27, VigneshDhanraj G wrote:
>
>> Hi Rowland,
>>
>> Thanks for the help.
>>
>> Yes, Joined to the domain, ftp uses pam authentication. After upgrading
>> samba i found ftp pam authentication not working
>>
>> /etc/pam.d/ftp contains
>>
>> #%PAM-1.0
>> auth sufficient /lib/security/pam_smbpass.so
>> auth sufficient /lib/security/pam_winbind.so cached_login
>> auth required /lib/security/pam_winbind.so krb5_auth
>> account required /lib/security/pam_nologin.so
>> account sufficient /lib/security/pam_smbpass.so
>> account required /lib/security/pam_winbind.so
>> password sufficient /lib/security/pam_smbpass.so
>> password required /lib/security/pam_winbind.so
>> session required /lib/security/pam_unix.so
>>
>> here, we want to change anything?
>>
>>
>>
> OK, I have installed proftpd on a Debian Jessie Samba 4.3.0 domain member
> and set it up to use AD for authentication and it works for me (note, I did
> not use ldap authentication, I used PAM)
>
> My PAM setup is this:
>
> /etc/pam.d/proftpd
>
> auth required pam_listfile.so item=user sense=deny
> file=/etc/ftpusers onerr=succeed
> @include common-auth
> @include common-account
> @include common-session
>
> /etc/pam.d/common-auth
>
> auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000
> auth [success=2 default=ignore] pam_unix.so nullok_secure
> try_first_pass
> auth [success=1 default=ignore] pam_winbind.so krb5_auth
> krb5_ccache_type=FILE cached_login try_first_pass
> auth requisite pam_deny.so
> auth required pam_permit.so
>
> /etc/pam.d/common-account
>
> account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
> account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
> account requisite pam_deny.so
> account required pam_permit.so
> account required pam_krb5.so minimum_uid=1000
>
> /etc/pam.d/common-session
>
> session [default=1] pam_permit.so
> session requisite pam_deny.so
> session required pam_permit.so
> session optional pam_krb5.so minimum_uid=1000
> session required pam_unix.so
> session optional pam_winbind.so
> session optional pam_ck_connector.so nox11
>
> My /etc/proftpd/proftpd.conf # most of the commented lines removed
>
> # Includes DSO modules
> Include /etc/proftpd/modules.conf
>
> UseIPv6 off
> IdentLookups off
>
> ServerName "My Server Name"
> ServerType standalone
> DeferWelcome off
>
> MultilineRFC2228 on
> DefaultServer on
> ShowSymlinks on
>
> TimeoutNoTransfer 600
> TimeoutStalled 600
> TimeoutIdle 1200
>
> DisplayLogin welcome.msg
> DisplayChdir .message true
> ListOptions "-l"
>
> DenyFilter \*.*/
>
> DefaultRoot ~
>
> Port 21
>
> <IfModule mod_dynmasq.c>
> # DynMasqRefresh 28800
> </IfModule>
>
> MaxInstances 30
>
> User proftpd
> Group nogroup
> Umask 022 022
> AllowOverwrite on
> PersistentPasswd off
>
> # This is required to use both PAM-based authentication and local passwords
> AuthOrder mod_auth_pam.c* mod_auth_unix.c
> AuthPAMConfig proftpd
> AuthPAM On
>
> TransferLog /var/log/proftpd/xferlog
> SystemLog /var/log/proftpd/proftpd.log
>
> <IfModule mod_quotatab.c>
> QuotaEngine off
> </IfModule>
>
> <IfModule mod_ratio.c>
> Ratios off
> </IfModule>
>
> <IfModule mod_delay.c>
> DelayEngine on
> </IfModule>
>
> <IfModule mod_ctrls.c>
> ControlsEngine off
> ControlsMaxClients 2
> ControlsLog /var/log/proftpd/controls.log
> ControlsInterval 5
> ControlsSocket /var/run/proftpd/proftpd.sock
> </IfModule>
>
> <IfModule mod_ctrls_admin.c>
> AdminControlsEngine off
> </IfModule>
>
> Include /etc/proftpd/conf.d/
>
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list