> > > I am trying to configure ProFTPd 1.2.10 on CentOS 4.4 so that it will
> > > authenticate using pam_ldap with an alternate configuration file via
> > > config=/etc/ldap-ftp.conf so that I can set a different base dn than
> > > that used by the Unix logins. But despite whatever combinations I have
> > > tried (and I've tried scores) it appears to still always use the base dn
> > > in /etc/ldap.conf.

> >
> > This is really more of a question for the pam_ldap mailing list, rather
> > than proftpd.

>
> Here's an email thread about a similar issue; perhaps you can contact the
> people in the thread, as one of them appears to have a patch:
>
> http://www.nabble.com/Calling-pam_ld...-t1646440.html


Thanks so much for this, although their problem is showing itself in a
different way. Last night I recompiled a new pam_ldap, hard coded the
default path to config to /etc/ldap-ftp.conf where the base dn is set to
the different one, copied it as /lib/security/pam_ldap-ftp.so and the
initial username lookup from ProFTP through LDAP *still* came in under
the primary base dn. So it's making some kind of system call or such that
uses the system-wide base dn in /etc/ldap.conf, but I don't know C that
well so it's hard for me to see where in the code. It may be the caching
referred to in this thread, but where it's a different PAM module altogether
I don't know if that would come into play here. I have a message into PADL
to see if they will assist, as it is clearly a pam_ldap issue.

--
- Kyle

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html