Experimental support for Filezilla Server and LDAP directory

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Message
Author
unst
500 Command not understood
Posts: 1
Joined: 2010-06-11 12:49

Re: Experimental support for Filezilla Server and LDAP direc

#31 Post by unst » 2010-06-11 13:21

Hi,
i tried to ran the LDAP Modificated Server exe on a Windows Server 2008 R2 x64, but starting the service failed.
See the image in in the attachment.

Do you know where the Error is?

I installed the release from the filezilla project site and replaced the files with the files in the zip-file and now the error occured.

Thank You!
Attachments
2010-06-11_152104.jpg
2010-06-11_152104.jpg (18.2 KiB) Viewed 11996 times

kontumenin
500 Syntax error
Posts: 16
Joined: 2009-04-15 21:32
First name: Juan Carlos
Last name: Monteagudo

Re: Experimental support for Filezilla Server and LDAP direc

#32 Post by kontumenin » 2010-06-21 07:50

Reinstall the Filezilla Server. I have tested and works fine.

Regards

amgits
500 Command not understood
Posts: 1
Joined: 2010-07-01 08:30
First name: Peter
Last name: Penibel

Re: Experimental support for Filezilla Server and LDAP direc

#33 Post by amgits » 2010-07-01 08:32

No it seems to be a problem with 64bit OS. Reinstalling does not fix the problem. Im experiencing the same problem on Windows 2008 Server, I tried all compatibility options available in 2008, but still no luck. Can anyone help?

Greets,

amgits

FrankNL
500 Command not understood
Posts: 1
Joined: 2010-08-18 20:57
First name: Frank
Last name: Pater

Re: Experimental support for Filezilla Server and LDAP direc

#34 Post by FrankNL » 2010-08-18 21:12

In my case FileZilla Server seems to work fine on windows 2008.
Problem i'm having is when i 'enable' the LDAP it will fail to authenticate my login, i made sure the username and password are correct. I just can't login FileZilla Server anymore....

Using the same configuration on windows 2003 worked fine (incl. the LDAP)

Any ideas what could cause this?

Regards,

Frank

lwinstead
500 Command not understood
Posts: 2
Joined: 2010-10-13 16:15
First name: Lawrence
Last name: Winstead

Re: Experimental support for Filezilla Server and LDAP direc

#35 Post by lwinstead » 2010-10-13 17:03

I need assistance in getting this to work. FileZilla Server is running on a Windows 2003 server, and my Domain Controller/Active Directory is running on Windows 2003 R2. Using the oldapcheck.exe program, I can successfully connect to the LDAP Services on my domain controller (oldapcheck lwinstead <password>). I can even use a tool like LDAP Browser to successfully connect to the LDAP services. But something isn't set right in FileZilla Server, because I can't log in from another computer on the network using my domain username and password.

EDIT: I mean I can't login in to the FileZilla FTP server using a domain login from another LAN computer.

I'm not sure if I'm missing something or if I haven't configured things correctly. Can someone please lend me a hand?

EDIT: Can someone who has FileZilla + LDAP working against Active Directory please share their setup?

fkoning
500 Command not understood
Posts: 1
Joined: 2010-10-20 09:56

Re: Experimental support for Filezilla Server and LDAP direc

#36 Post by fkoning » 2010-10-20 11:02

Got it working just now on a Windows Server 2008 R2, talking to LDAP on R2 also. The thing I missed was that you have so create all the users within FileZilla server, but leave the password field empty. So if you're known in the AD as "BobSmith" you have to create an account called "BobSmith" within FileZilla also.

Something people (including myself) tend to forget; the Windows firewall. Either disable it or make exceptions for FTP.

Hope that helps.

kontumenin
500 Syntax error
Posts: 16
Joined: 2009-04-15 21:32
First name: Juan Carlos
Last name: Monteagudo

Re: Experimental support for Filezilla Server and LDAP direc

#37 Post by kontumenin » 2010-10-22 12:27


Aliby
500 Command not understood
Posts: 4
Joined: 2009-10-16 13:29
First name: Alistair
Last name: Baty

Re: Experimental support for Filezilla Server and LDAP direc

#38 Post by Aliby » 2010-10-26 16:37

WARNING: Setting up a user needs to be done carefully: Username & Password

Without understanding the coding, it seems that Filezilla_OLDAP will check passwords in the Filezilla server set-up first, then check the OLDAP/AD passwords for that user.

I am thus finding that if you leave the password field blank the user can log-in without a password (empty or blank password field).
I have thus included a MEGA password in Filezilla for the OLDAP users so that:
1. No one will ever crack that password
2. The user will thus enter their OLDAP/AD password
3. It will always route Filezilla to check the server / OLDAP passwords as the first checked password (within Filezilla) is not matched

If this is so it would "simplify" the interface for adding USERS if there was a check box which designated the user as an "OLDAP user". In the background Filezilla could just use a dummy complex password holder to achieve the same effect as the administrator entering a password (that will never be used) in the current password field.

I would appreciate some feedback as to whether I am using it correctly and what you think of the suggestion.

kontumenin
500 Syntax error
Posts: 16
Joined: 2009-04-15 21:32
First name: Juan Carlos
Last name: Monteagudo

Re: Experimental support for Filezilla Server and LDAP direc

#39 Post by kontumenin » 2010-10-29 10:15

Aliby wrote:WARNING: Setting up a user needs to be done carefully: Username & Password

Without understanding the coding, it seems that Filezilla_OLDAP will check passwords in the Filezilla server set-up first, then check the OLDAP/AD passwords for that user.

I am thus finding that if you leave the password field blank the user can log-in without a password (empty or blank password field).
I have thus included a MEGA password in Filezilla for the OLDAP users so that:
1. No one will ever crack that password
2. The user will thus enter their OLDAP/AD password
3. It will always route Filezilla to check the server / OLDAP passwords as the first checked password (within Filezilla) is not matched

If this is so it would "simplify" the interface for adding USERS if there was a check box which designated the user as an "OLDAP user". In the background Filezilla could just use a dummy complex password holder to achieve the same effect as the administrator entering a password (that will never be used) in the current password field.

I would appreciate some feedback as to whether I am using it correctly and what you think of the suggestion.
yes, it's is correct.
I need to check the local and remote user. But I added this feacture:
http://www.dreamcamip.com/files/Filezil ... 9_37_b.zip
Attachments
filezilla_user.JPG
filezilla_user.JPG (41.41 KiB) Viewed 11113 times

Aliby
500 Command not understood
Posts: 4
Joined: 2009-10-16 13:29
First name: Alistair
Last name: Baty

Re: Experimental support for Filezilla Server and LDAP direc

#40 Post by Aliby » 2010-10-30 04:01

Thanks kontumenin, it is working really well for me. This little change just makes it neat.
Will this be built into the next official build?

User avatar
boco
Contributor
Posts: 26900
Joined: 2006-05-01 03:28
Location: Germany

Re: Experimental support for Filezilla Server and LDAP direc

#41 Post by boco » 2010-10-30 14:19

Nope. Official builds don't contain any LDAP support. This is a third-party modification only.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

lwinstead
500 Command not understood
Posts: 2
Joined: 2010-10-13 16:15
First name: Lawrence
Last name: Winstead

Re: Experimental support for Filezilla Server and LDAP direc

#42 Post by lwinstead » 2010-11-03 18:12

Thanks for the above posts; I finally understand how to get this LDAP integration to work. It was mentioned earlier on in this thread, but I missed it due to language issues. I have to enter my AD users into FileZilla for them to be recognized as valid users when accessing the FTP site. If I don't have them listed, I will never authenticate to the FileZilla server, regardless of my AD ldap backend. Maybe this is specifically spelled out somewhere, but if it is I missed it.

ANYway, so is there an easy way to import my AD user list into FileZilla? I'd hate to have to create 50+ user accounts. Or am I better off creating a few generic accounts just in FileZilla?

Aliby
500 Command not understood
Posts: 4
Joined: 2009-10-16 13:29
First name: Alistair
Last name: Baty

Re: Experimental support for Filezilla Server and LDAP direc

#43 Post by Aliby » 2010-11-03 21:48

I used a pretty crude method, but it worked OK.

I created the one user (per category or type) in Filezilla so it added the correct sections in the FileZilla Server.xml file. This is located in C:\Program Files (x86)\FileZilla Server\ on my Server.
There after I replicated that tagged section using another application to add the new user details in the same format. I used openoffice calc and then did a copy | paste that section into a text editor with FileZilla Server.xml.

Further organizing ...
I organize permissions and access using groups so that the details don't have to be added for every user except, of course, the group they are in. Some of my "special" users only have access to folders, where the FOLDER name is the same as the USER name - that group uses the wild card u: in the path. Again simplifying later editing. This also makes the "batch processing" of the xml file easier.

Hope that helps.

kontumenin
500 Syntax error
Posts: 16
Joined: 2009-04-15 21:32
First name: Juan Carlos
Last name: Monteagudo

Re: Experimental support for Filezilla Server and LDAP direc

#44 Post by kontumenin » 2010-11-05 10:55

I have created a project on sourceforge, fzldap http://sourceforge.net/projects/fzldap/
I need help to write a little help text. My English is very poor. If someone wants to help, please send me a private message.

I have modified the source code to allow choosing where you want to check the password, local and / or LDAP
Attachments
users.png
users.png (36.22 KiB) Viewed 10928 times

kontumenin
500 Syntax error
Posts: 16
Joined: 2009-04-15 21:32
First name: Juan Carlos
Last name: Monteagudo

Re: Experimental support for Filezilla Server and LDAP direc

#45 Post by kontumenin » 2010-11-05 11:18

IMPORT USERS FROM "ACTIVE DIRECORY" In FileZilla

Normally, I generate the "Filezilla Server.xml" from php. I have the users in a database, so that my users can change the password and they have other features. Both, FTP and Web users can authenticate against LDAP.

I want to make a user interface to import LDAP users in Filezilla and generate the necessary files for Apache.

I created a tool to query LDAP in command line. I need test it in other LDAP and report that work correctly. I only can test with Active Directory.
http://www.dreamcamip.com/files/fzldapsearch.zip

I don't have much free time, but I'm thinking in a GUI as:
Attachments
import.png
import.png (22.83 KiB) Viewed 10927 times

Post Reply