This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: proftpd issues
- From: Igor Pechtchanski <pechtcha at cs dot nyu dot edu>
- To: Brian dot Kelly at empireblue dot com
- Cc: cygwin at cygwin dot com
- Date: Fri, 8 Aug 2003 20:57:53 -0400 (EDT)
- Subject: Re: proftpd issues
- Reply-to: cygwin at cygwin dot com
Fixes for what? If proftpd needs to switch user contexts (using Cygwin
system calls), the account it runs under needs to have those rights.
Period. If the SYSTEM account doesn't have those rights on your machine,
it's nothing that proftpd can fix. You'll just need to either create an
account with those rights, or add them to an existing account.
As for domain authentication, are the entries for the domain users you're
trying to authenticate present in your /etc/passwd file? Are their
corresponding groups in /etc/group? Just to eliminate that possibility,
could you please run "mkpasswd -d yourdomain >> /etc/passwd" and "mkgroup
-d yourdomain >> /etc/group" before trying again? You may want to save
backup copies of /etc/passwd and /etc/group first.
Igor
On Fri, 8 Aug 2003 Brian.Kelly@Empireblue.com wrote:
> Thanks for the response Igor. I'm working on W2K *Server* SP3. Maybe the
> Servers are more stict with the User Rights?? Domain authentication
> works fine for telnet, and inetutils ftpd - but *not* for proftpd. Any
> ideas? I think there's a test version of proftpd sitting out on the
> mirrors - perhaps it has fixes for this?
>
> Brian Kelly
>
>
> "Igor Pechtchanski" <pechtcha@cs.nyu.edu> on 08/08/2003 06:50:16 PM
>
> Please respond to cygwin@cygwin.com
>
> To: Brian.Kelly@empireblue.com
> cc: cygwin@cygwin.com
>
> Subject: Re: proftpd issues
>
>
> On Fri, 8 Aug 2003 Brian.Kelly@empireblue.com wrote:
>
> > Since having gotten xinetd working, I've shifted my effortst to the new
> > proftpd.
> >
> > After another couple of hours of *pain* - I finally got it going in a
> > limited fashion.
> >
> > First of all, I couldn't get it to start with the SYSTEM id as indicated
> > in the proftpd.conf file.
> >
> > I had to use a custom ID added to the Administrators group and having the
> > following User Rights assigned:
> >
> > "Act as part of the operating system"
> > "Replace process level token"
> > "Increase quotas"
> >
> > Question: Do these rights *have* to granted to the SYSTEM id for proftpd
> > to work?
>
> Yes. Since you've as much as quoted from the ntsec userguide section, I'm
> not going to bother citing a reference. The above rights are needed to
> switch user contexts. SYSTEM has it by default on most NT-based versions
> of Windows (but may not on some more recent ones, notably 2003 server).
>
> > Next - I could log on with local id's - but not with Domain id's. Is
> > proftpd set up to do domain authentication via ntsec??
> > If not, is there an ETA?
> >
> > Brian Kelly
>
> Cygwin (ntsec) is already set up for domain authentication. However, to
> be able to authenticate a domain user, that domain user has to be in
> /etc/passwd (and his groups should most likely be in /etc/group). Make
> sure your /etc/passwd includes the users you're trying to authenticate.
> Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu
ZZZzz /,`.-'`' -. ;-;;,_ igor@watson.ibm.com
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster." -- Patrick Naughton
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/