ProFTPD 与 AD LDAP 无法检索正确的用户组

tag-icon tag-icon ftp ldap authentication
ProFTPD 与 AD LDAP 无法检索正确的用户组

我正在努力使用带有 AD LDAP 身份验证的 ProFTPD。我已配置好一切,并且身份验证可以正常工作,它会从 AD 中检索用户,如果存在,它会创建主文件夹并让用户进入。

问题是,文件夹是使用 LDAP 上存在的 UID 和 GUID 创建的,在这种情况下,我的用户具有 UID 10001 和 GUID 512,因此该文件夹属于 10001.513

这不是正确的情况,因为这意味着用户可以登录但不能上传或执行任何操作,所以对我来说这是无用的。

也许有人可以给我提供一些信息。

现在,日志和配置文件。

服务器:Ubuntu 14.04 LTS

Proftpd: 1.3.5a with mod_ldap 2.7

proftpd.conf

Include /etc/proftpd/modules.conf

UseIPv6             on
IdentLookups            off
ServerName          "FTP Server"
ServerType          standalone
DeferWelcome            off
MultilineRFC2228        on
DefaultServer           on
ShowSymlinks            on
TimeoutNoTransfer       600
TimeoutStalled          600
TimeoutIdle         1200
DisplayLogin                    welcome.msg
DisplayChdir                .message true
ListOptions                 "-l"
DenyFilter          \*.*/
DebugLevel          9
AllowOverwrite          on
RequireValidShell off
DefaultRoot         /nas
Port                21

<IfModule mod_dynmasq.c>
</IfModule>
MaxInstances            30
User                proftpd
Group               nogroup
Umask               022  022
AllowOverwrite          on
TransferLog /var/log/proftpd/xferlog
SystemLog   /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
<IfModule mod_delay.c>
DelayEngine on
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine        off
ControlsMaxClients    2
ControlsLog           /var/log/proftpd/controls.log
ControlsInterval      5
ControlsSocket        /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>

<Directory /home/%u >
        AllowOverwrite          yes
        <Limit ALL>
                AllowAll
        </Limit>
</Directory>
<Directory /home/public >
        AllowOverwrite          yes
        <Limit ALL>
                AllowAll
        </Limit>
</Directory>

Include /etc/proftpd/ldap.conf
Include /etc/proftpd/tls.conf
Include /etc/proftpd/conf.d/

ldap配置文件

<IfModule mod_ldap.c>
AuthOrder   mod_ldap.c
LDAPServer  ldap://ldap.domain.local/??sub
LDAPAttr    uid         sAMAccountName
LDAPAuthBinds   on
LDAPBindDN  "CN=faxsync,OU=it,DC=doman,DC=local" "*******"
LDAPUsers   "OU=it,DC=domain,DC=local" (&(uid=%u)(objectclass=user))
LDAPGroups  "OU=it,DC=domain,DC=local"
LDAPAttr    gidNumber   primaryGroupID
LDAPDefaultUID  65534       
LDAPDefaultGID  65534
LDAPGenerateHomedir on 0700
CreateHome on 0700
LDAPGenerateHomedirPrefix /nas/home
LDAPForceGeneratedHomedir on

</IfModule>

以及相关日志(已清理)

2015-04-02 12:27:28,601 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(uid=nunterberger)(objectclass=user)) from template (&(uid=%u)(objectclass=user)) and value nunterberger
2015-04-02 12:27:28,601 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: attempting connection to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,601 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set protocol version to 3
2015-04-02 12:27:28,601 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: connected to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,603 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: successfully bound as CN=faxsync,OU=it,DC=domain,DC=local with password (see config)
2015-04-02 12:27:28,603 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set dereferencing to 0
2015-04-02 12:27:28,603 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set query timeout to 5s
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(uid=nunterberger)(objectclass=user))
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr sAMAccountName
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr uidNumber
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr primaryGroupID
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr homeDirectory
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no values for attribute homeDirectory, trying defaults...
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: using default homedir /nas/home/nunterberger
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr loginShell
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: user nunterberger, uid 10001, gid 513, homedir /nas/home/nunterberger, shell /bin/sh
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(primaryGroupID=513)(objectclass=posixGroup)) from template (&(primaryGroupID=%v)(objectclass=posixGroup)) and value 513
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter OU=it,DC=domain,DC=local from template OU=it,DC=domain,DC=local and value nunterberger
2015-04-02 12:27:28,622 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(uid=nunterberger)(objectclass=user)) from template (&(uid=%u)(objectclass=user)) and value nunterberger
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(uid=nunterberger)(objectclass=user))
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr sAMAccountName
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr uidNumber
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr primaryGroupID
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr homeDirectory
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no values for attribute homeDirectory, trying defaults...
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: using default homedir /nas/home/nunterberger
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr loginShell
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: user nunterberger, uid 10001, gid 513, homedir /nas/home/nunterberger, shell /bin/sh
2015-04-02 12:27:28,624 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(primaryGroupID=513)(objectclass=posixGroup)) from template (&(primaryGroupID=%v)(objectclass=posixGroup)) and value 513
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: couldn't determine group name for user nunterberger primary group 513, skipping.
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(memberUid=nunterberger)(objectclass=posixGroup)) from template (&(memberUid=%v)(objectclass=posixGroup)) and value nunterberger
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(memberUid=nunterberger)(objectclass=posixGroup))
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(memberUid=nunterberger)(objectclass=posixGroup))
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_shaper
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): ROOT PRIVS at mod_shaper.c:2026
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): RELINQUISH PRIVS at mod_shaper.c:2028
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap2
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_ban
2015-04-02 12:27:28,625 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_wrap
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_radius
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_delay
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching PRE_CMD command 'PASS (hidden)' to mod_auth
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: successfully unbound
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: not unbinding to an already unbound connection.
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): dispatching CMD command 'PASS (hidden)' to mod_auth
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter OU=it,DC=domain,DC=local from template OU=it,DC=domain,DC=local and value nunterberger
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(uid=nunterberger)(objectclass=user)) from template (&(uid=%u)(objectclass=user)) and value nunterberger
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: attempting connection to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set protocol version to 3
2015-04-02 12:27:28,626 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: connected to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,627 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: successfully bound as CN=faxsync,OU=it,DC=domain,DC=local with password (see config)
2015-04-02 12:27:28,627 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set dereferencing to 0
2015-04-02 12:27:28,627 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set query timeout to 5s
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(uid=nunterberger)(objectclass=user))
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr sAMAccountName
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr uidNumber
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr primaryGroupID
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr homeDirectory
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no values for attribute homeDirectory, trying defaults...
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: using default homedir /nas/home/nunterberger
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr loginShell
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: user nunterberger, uid 10001, gid 513, homedir /nas/home/nunterberger, shell /bin/sh
2015-04-02 12:27:28,629 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(primaryGroupID=513)(objectclass=posixGroup)) from template (&(primaryGroupID=%v)(objectclass=posixGroup)) and value 513
2015-04-02 12:27:28,630 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,630 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,630 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter OU=it,DC=domain,DC=local from template OU=it,DC=domain,DC=local and value nunterberger
2015-04-02 12:27:28,630 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(uid=nunterberger)(objectclass=user)) from template (&(uid=%u)(objectclass=user)) and value nunterberger
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(uid=nunterberger)(objectclass=user))
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr sAMAccountName
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr uidNumber
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr primaryGroupID
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr homeDirectory
2015-04-02 12:27:28,631 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no values for attribute homeDirectory, trying defaults...
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: using default homedir /nas/home/nunterberger
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr loginShell
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: user nunterberger, uid 10001, gid 513, homedir /nas/home/nunterberger, shell /bin/sh
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(primaryGroupID=513)(objectclass=posixGroup)) from template (&(primaryGroupID=%v)(objectclass=posixGroup)) and value 513
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(primaryGroupID=513)(objectclass=posixGroup))
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: couldn't determine group name for user nunterberger primary group 513, skipping.
2015-04-02 12:27:28,632 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(memberUid=nunterberger)(objectclass=posixGroup)) from template (&(memberUid=%v)(objectclass=posixGroup)) and value nunterberger
2015-04-02 12:27:28,633 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(memberUid=nunterberger)(objectclass=posixGroup))
2015-04-02 12:27:28,633 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no entries for filter (&(memberUid=nunterberger)(objectclass=posixGroup))
2015-04-02 12:27:28,633 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): no supplemental groups found for user 'nunterberger'
2015-04-02 12:27:28,633 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter OU=it,DC=domain,DC=local from template OU=it,DC=domain,DC=local and value nunterberger
2015-04-02 12:27:28,633 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: generated filter (&(uid=nunterberger)(objectclass=user)) from template (&(uid=%u)(objectclass=user)) and value nunterberger
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: searched under base DN OU=it,DC=domain,DC=local using filter (&(uid=nunterberger)(objectclass=user))
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr sAMAccountName
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr uidNumber
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr primaryGroupID
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr homeDirectory
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: no values for attribute homeDirectory, trying defaults...
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: using default homedir /nas/home/nunterberger
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: fetching value(s) for attr loginShell
2015-04-02 12:27:28,634 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: user nunterberger, uid 10001, gid 513, homedir /nas/home/nunterberger, shell /bin/sh
2015-04-02 12:27:28,635 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: attempting connection to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,635 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set protocol version to 3
2015-04-02 12:27:28,635 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: connected to ldap://ldap.domain.local/??sub
2015-04-02 12:27:28,635 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set dereferencing to 0
2015-04-02 12:27:28,635 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): mod_ldap/2.9.3: set query timeout to 5s
2015-04-02 12:27:28,636 fileserver proftpd[4163] fileserver.domain.local (3VQVB5J.local[192.168.13.22]): user 'nunterberger' authenticated by mod_ldap.c

希望有人能给我指明正确的方向。

谢谢!

答案1

我认为罪魁祸首是你的ldap.conf文件有两个都 LDAPGenerateHomedir CreateHome

LDAPGenerateHomedir on 0700
CreateHome on 0700

只需其中一个指令即可实际创建主目录。CreateHome指令是较新、更推荐的路径;我链接到的 howto 有更多示例/描述,说明您可以使用它做什么。因此,您可以尝试注释掉LDAPGenerateHomedir,看看是否CreateHome能满足您的需要。

希望这可以帮助!

相关内容