[Samba] getting error Ignoring parameter browse directory and winbind sequence directory

VigneshDhanraj G vigneshdhanraj.g at gmail.com
Mon Oct 12 15:13:25 UTC 2015 

Even basic authentication is not working. which works on 4.0.25 after
upgrade it fails. i uses same proftpd.conf same as yours. my /etc/pam.d/ftp
is
auth       sufficient   /lib/security/pam_smbpass.so
account    required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_smbpass.so
password   required     /lib/security/pam_smbpass.so
session    required     /lib/security/pam_unix.so

after i disabled AD connection. Basic authentication also fails.

On Mon, Oct 12, 2015 at 4:14 PM, Rowland Penny <rowlandpenny241155 at gmail.com
> wrote:

> On 12/10/15 08:27, VigneshDhanraj G wrote:
>
>> Hi Rowland,
>>
>> Thanks for the help.
>>
>> Yes, Joined to the domain, ftp uses pam authentication. After upgrading
>> samba i found ftp pam authentication not working
>>
>> /etc/pam.d/ftp contains
>>
>> #%PAM-1.0
>> auth       sufficient   /lib/security/pam_smbpass.so
>> auth       sufficient   /lib/security/pam_winbind.so cached_login
>> auth       required     /lib/security/pam_winbind.so krb5_auth
>> account    required     /lib/security/pam_nologin.so
>> account    sufficient   /lib/security/pam_smbpass.so
>> account    required     /lib/security/pam_winbind.so
>> password   sufficient   /lib/security/pam_smbpass.so
>> password   required     /lib/security/pam_winbind.so
>> session    required     /lib/security/pam_unix.so
>>
>> here, we want to change anything?
>>
>>
>>
> OK, I have installed proftpd on a Debian Jessie Samba 4.3.0 domain member
> and set it up to use AD for authentication and it works for me (note, I did
> not use ldap authentication, I used PAM)
>
> My PAM setup is this:
>
>  /etc/pam.d/proftpd
>
> auth       required     pam_listfile.so item=user sense=deny
> file=/etc/ftpusers onerr=succeed
> @include common-auth
> @include common-account
> @include common-session
>
> /etc/pam.d/common-auth
>
> auth    [success=3 default=ignore]      pam_krb5.so minimum_uid=1000
> auth    [success=2 default=ignore]      pam_unix.so nullok_secure
> try_first_pass
> auth    [success=1 default=ignore]      pam_winbind.so krb5_auth
> krb5_ccache_type=FILE cached_login try_first_pass
> auth    requisite                       pam_deny.so
> auth    required                        pam_permit.so
>
> /etc/pam.d/common-account
>
> account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
> account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
> account requisite                       pam_deny.so
> account required                        pam_permit.so
> account required                        pam_krb5.so minimum_uid=1000
>
> /etc/pam.d/common-session
>
> session [default=1]                     pam_permit.so
> session requisite                       pam_deny.so
> session required                        pam_permit.so
> session optional                        pam_krb5.so minimum_uid=1000
> session required        pam_unix.so
> session optional                        pam_winbind.so
> session optional                        pam_ck_connector.so nox11
>
> My /etc/proftpd/proftpd.conf # most of the commented lines removed
>
> # Includes DSO modules
> Include /etc/proftpd/modules.conf
>
> UseIPv6                         off
> IdentLookups                    off
>
> ServerName            "My Server Name"
> ServerType            standalone
> DeferWelcome          off
>
> MultilineRFC2228      on
> DefaultServer         on
> ShowSymlinks          on
>
> TimeoutNoTransfer               600
> TimeoutStalled                  600
> TimeoutIdle                     1200
>
> DisplayLogin                    welcome.msg
> DisplayChdir                    .message true
> ListOptions                     "-l"
>
> DenyFilter                      \*.*/
>
> DefaultRoot                   ~
>
> Port                  21
>
> <IfModule mod_dynmasq.c>
> # DynMasqRefresh 28800
> </IfModule>
>
> MaxInstances                    30
>
> User                            proftpd
> Group                           nogroup
> Umask                           022  022
> AllowOverwrite                  on
> PersistentPasswd              off
>
> # This is required to use both PAM-based authentication and local passwords
> AuthOrder                     mod_auth_pam.c* mod_auth_unix.c
> AuthPAMConfig     proftpd
> AuthPAM        On
>
> TransferLog /var/log/proftpd/xferlog
> SystemLog   /var/log/proftpd/proftpd.log
>
> <IfModule mod_quotatab.c>
> QuotaEngine off
> </IfModule>
>
> <IfModule mod_ratio.c>
> Ratios off
> </IfModule>
>
> <IfModule mod_delay.c>
> DelayEngine on
> </IfModule>
>
> <IfModule mod_ctrls.c>
> ControlsEngine        off
> ControlsMaxClients    2
> ControlsLog           /var/log/proftpd/controls.log
> ControlsInterval      5
> ControlsSocket        /var/run/proftpd/proftpd.sock
> </IfModule>
>
> <IfModule mod_ctrls_admin.c>
> AdminControlsEngine off
> </IfModule>
>
> Include /etc/proftpd/conf.d/
>
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list