FTP with AD user integration
I currently have a unused server that i'd like to throw ubuntu on and move our FTP to it inorder to seperate it from our other boxes that are running windows 2003 and 2008. All this is running on a Win 2003 Domain.
Does anybody have any idea on what I could use on Ubuntu or possibly another distro to run FTP and integrate / authenticate the users from AD?
Does anybody have any idea on what I could use on Ubuntu or possibly another distro to run FTP and integrate / authenticate the users from AD?
Comments
-
Jordus
Banned Posts: 336
You could accomplish this with IIS on a windows server.
Don't know what youd do with linux to get it to work. -
Slowhand
Mod Posts: 5,161 Mod
You're going to have to get creative with LDAP and/or WinBIND.
Free Microsoft Training: Microsoft Learn
Free PowerShell Resources: Top PowerShell Blogs
Free DevOps/Azure Resources: Visual Studio Dev Essentials
Let it never be said that I didn't do the very least I could do. -
qwertyiop
Member Posts: 725 ■■■□□□□□□□
I'd scrap Ubuntu and load Server 2003 and call it a day.
Thats what I'd do but I work for a small company and we dont have any spare licences and I really cant stand having FTP on a DC.
The person that originally setup our network really sucked, we dont even have a DMZ so if a person happens crack a password there on the network. -
blargoe
Member Posts: 4,174 ■■■■■■■■■□
I turned up a bunch of results when I googled "linux ftp active directory". Getting your linux server to authenticate Active Directory users would be the first and hardest step. Then just throw FTP on top of it. I've never done that before but it ought to work.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
qwertyiop
Member Posts: 725 ■■■□□□□□□□
I turned up a bunch of results when I googled "linux ftp active directory". Getting your linux server to authenticate Active Directory users would be the first and hardest step. Then just throw FTP on top of it. I've never done that before but it ought to work.
I'll have to give it a try. I can get the user logon to Authenticate onto the Domain I juft dont know if that AD authentication stretches to the FTP. -
Jagged
Member Posts: 67 ■■□□□□□□□□
Don't forget that with AD-integrated FTP the user's domain passwords are sent over the wire in the open. In my setups I would only authorize limited accounts to the FTP server. Remove them from Domain Users and give them just enough rights to use the server.Microsoft: MCSE 4, MCSE 2003 +Security, MSCA 2003 Messaging, MCITP:SA -- Cisco: CCNA
Novell: CNE 3-6, CLA, CLP, CLE -- Nortel: NCDS, NCSS -- CompTIA: Project+, Server+, Linux+, Security+
Courses Completed at WGU:
EWB2, BBC1, LAE1, WFV1, SSC1, CLC1, WDV1, MGC1, ORC1, INC1, IWC1
Courses Required BS - IT: NETW:
LAT1, LUT1, INT1, SST1, LET1, IWT1, BOV1, TWA1, CPW2
Classes Transferred:
BAC1, TEV1, TTV1, QLC1, QMC1, QLT1, TSV1, TPV1, TNV1, BRV1, ABV1, AHV1, AIV1, AJV1 -
qwertyiop
Member Posts: 725 ■■■□□□□□□□
Don't forget that with AD-integrated FTP the user's domain passwords are sent over the wire in the open. In my setups I would only authorize limited accounts to the FTP server. Remove them from Domain Users and give them just enough rights to use the server.
I know, I have specific FTP accounts for each of my sites. -
rwwest7
Member Posts: 300
Might want to also research a product called Serv-U file server. You could load it up on your DC, and the program has lots of ways to lock down access. You can even force people to use sftp or https to transfer files.
