openldap系列5-与vsftpd服务HYPERLINK"http://zhumeng8337797.blog.163.com/blog/"\l"m=0&t=1&c=fks_087069082086083075082085083095085086081068082094095066080"\o"LDAP"LDAP2010-11-0918:05:36阅读38评论4字号：大中小订阅1：关于VSFTP的整合支持，本地用户的验证支方法一：(实验成功)1。vsftpd.confanonymous_enable=NOxferlog_file=/var/log/vsftpd.loglocal_root=/data#作用是指定用户登录后的目录chroot_local_user=YES#用户不能离开自家目录2#authconfig-tuiuserinformation选择[UseLDAP]authentication选择[UseMD5Passwords][UseShadowPasswords][UseLDAPAuthentication]系统实际修改/etc/pam.d/下的一些文件：如图/etc/pam.d/system-auth1#%PAM-1.02#Thisfileisauto-generated.3#Userchangeswillbedestroyedthenexttimeauthconfigisrun.4authrequiredpam_env.so5authsufficientpam_unix.sonulloktry_first_pass6authrequisitepam_succeed_if.souid>=500quiet7authsufficientpam_ldap.souse_first_pass8authrequiredpam_deny.so910accountrequiredpam_unix.sobroken_shadow11accountsufficientpam_succeed_if.souid<500quiet12account[default=badsuccess=okuser_unknown=ignore]pam_ldap.so13accountrequiredpam_permit.so1415passwordrequisitepam_cracklib.sotry_first_passretry=316passwordsufficientpam_unix.somd5shadownulloktry_first_passuse_authtok17passwordsufficientpam_ldap.souse_authtok18passwordrequiredpam_deny.so1920sessionoptionalpam_keyinit.sorevoke21sessionrequiredpam_limits.so22session[success=1default=ignore]pam_succeed_if.soserviceincrondquietuse_uid23sessionrequiredpam_unix.so24sessionoptionalpam_ldap.so/etc/pam.d/system-auth-ac1#%PAM-1.02#Thisfileisauto-generated.3#Userchangeswillbedestroyedthenexttimeauthconfigisrun.4authrequiredpam_env.so5authsufficientpam_unix.sonulloktry_first_pass6authrequisitepam_succeed_if.souid>=500quiet7authsufficientpam_ldap.souse_first_pass8authrequiredpam_deny.so910accountrequiredpam_unix.sobroken_shadow11accountsufficientpam_succeed_if.souid<500quiet12account[default=badsuccess=okuser_unknown=ignore]pam_ldap.so13accountrequiredpam_permit.so1415passwordrequisitepam_cracklib.sotry_first_passretry=316passwordsufficientpam_unix.somd5shadownulloktry_first_passuse_authtok17p