Active Directory

Please post here if you have problems in using Wing FTP Server.

Active Directory

Postby JohanH » Thu Apr 21, 2011 8:47 am

Hi,

I activated the Active Directory auth for our domain.

The domain "administrator" account can log in, but other domain users can't..

Ideas?
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Re: Active Directory

Postby FTP » Thu Apr 21, 2011 9:41 am

Please make sure you are using the latest version 3.8.0, then please paste the related server logs.
FTP
Site Admin
 
posts 1200
 
joined Tue Sep 29, 2009 6:09 am

Re: Active Directory

Postby JohanH » Thu Apr 21, 2011 10:43 am

I am using 3.8.0

The 10:28:38 och 10:28:43 logins for administrator failed because I temporarily disabled the active directory function in WFTP just to check if it had connection with the AD, which it seems to have (as the administrator can log in after activating again)



06] Thu, 21 Apr 2011 10:21:15 (0000002) User 'administrator' logged out. (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:21:51 (0000000) User 'c2' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:22:31 (0000000) User 'c117' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:28:13 (0000003) User 'administrator' logged in ok! (IP:192.168.39.137)
[05] Thu, 21 Apr 2011 10:28:14 (0000003) List ok
[06] Thu, 21 Apr 2011 10:28:19 (0000003) User 'administrator' logged out. (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:28:38 (0000000) User 'administrator' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:28:43 (0000000) User 'administrator' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:28:58 (0000004) User 'administrator' logged in ok! (IP:192.168.39.137)
[05] Thu, 21 Apr 2011 10:28:58 (0000004) List ok
[06] Thu, 21 Apr 2011 10:29:02 (0000004) User 'administrator' logged out. (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:29:50 (0000000) User 'test' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:30:58 (0000000) User 'test' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:32:35 (0000005) User 'administrator' logged in ok! (IP:192.168.39.137)
[05] Thu, 21 Apr 2011 10:32:35 (0000005) List ok
[06] Thu, 21 Apr 2011 10:32:39 (0000005) User 'administrator' logged out. (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:32:42 (0000000) User 'test' login failed! (IP:192.168.39.137)
[06] Thu, 21 Apr 2011 10:49:04 (0000000) User 'test' login failed! (IP:192.168.39.137)
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Re: Active Directory

Postby FTP » Thu Apr 21, 2011 10:53 am

Please check the logs in Windows AD server too, I guess user "administrator" is your local computer user, not AD user. Just check whether you have connected to the Windows AD server.
FTP
Site Admin
 
posts 1200
 
joined Tue Sep 29, 2009 6:09 am

Re: Active Directory

Postby JohanH » Thu Apr 21, 2011 11:14 am

Ok, that could be right (local administrator).

I've set the parameter "Domain" to my domain name, at set a default home dir.

Shouldn't that be all? The server running Wing FTP is a memberserver of the domain (not a domain controller)

Or do I have to specify a domain controller?
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Re: Active Directory

Postby FTP » Thu Apr 21, 2011 11:30 am

Have you used Windows AD server before? Connected to your Windows AD server successfully before?
The domain name is not important, the important thing is you need to join the Windows AD domain from your local computer, like this:
http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.itame.doc_5.1/am51_webinstall78.htm
FTP
Site Admin
 
posts 1200
 
joined Tue Sep 29, 2009 6:09 am

Re: Active Directory

Postby JohanH » Thu Apr 21, 2011 11:43 am

The computer running Wing FTP is an server, running Windows Server 2003.
This server is a member of the domain trenter.net, eg it's installed as an member server in an AD domain.
The trenter.net domain also consists of a few other servers, where 2 of thoose are the domain controllers.
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Re: Active Directory

Postby FTP » Thu Apr 21, 2011 11:51 am

Just make sure you can connect to the Windows AD server successfully, then you can use the AD authentication.
FTP
Site Admin
 
posts 1200
 
joined Tue Sep 29, 2009 6:09 am

Re: Active Directory

Postby JohanH » Thu Apr 21, 2011 12:02 pm

The AD is of course working as it should. The administrator account used to log on to the server is an domain administrator account, stored in the AD. There is also an local administrator account (as usual), that happens to have the same password as the domain account.

There must be something wrong with Wing FTP, if it's asking the local computer for the logins, rather than the AD (domain controllers) where all the domain accounts are stored.
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Re: Active Directory

Postby JohanH » Thu Apr 21, 2011 12:16 pm

Just for you info, we have other products that uses the AD for auth also, working as it should.

But I'm a bit confused, as the other products need more info that just the domain name.

For example, our Watchguard firewall needs the actual IP-adress to one of the domain controllers, along with TCP port 389, searchbase "dc=trenter,dc=lan", group string "member of" and some other parameters to do the auth.
There is also an backup setting for the AD auth, where I have the IP adress for our second domain controller...

Is Wing FTP asking the AD (=domain controllers) for the username, or is it just a simple windows auth for accounts stored in the local computer where Wing FTP is installed?
JohanH
 
posts 6
 
joined Thu Apr 21, 2011 8:44 am

Next

Return to Support

Who is online

Users browsing this forum: No registered users and 2 guests

cron