ldap.conf

1. # LDAP authentication for proftpd, using posixGroups, as used by default within the kolab collaboration server
2. # subunit: ou=FTPGroups,ou=Groups,dc=domain,dc=com
3.  
4. # Author: Henning Hollermann
5. # Website: laclaro.wordpress.com
6. # License: GPLv3
7.  
8. <IfModule mod_ldap.c>
9.  
10.    LDAPUseTLS               yes
11.    AuthPAM                  off
12.    LDAPSearchScope          subtree
13.  
14.    LDAPServer               "127.0.0.1"
15.    LDAPAuthBinds            on
16.  
17.    LDAPBindDN "uid=kolab-service,ou=Special Users,dc=domain,dc=com" SERVICEPLAINPASSWORD
18.    LDAPDefaultUID           123
19.    LDAPDefaultGID           456
20.    LDAPDefaultAuthScheme    MD5
21.    # all users in the people unit are possible users
22.    LDAPUsers                ou=People,dc=domain,dc=com "(&(uid=%u)(objectClass=kolabinetorgperson)(authorizedService=ftp))"
23.    # groups have to be posixgroups with a uid number within ou=FTPGroups,ou=Groups,dc=domain,dc=com
24.    # first filter: group cn, second filter: group id, third filter: member uid
25.    LDAPGroups               ou=FTPGroups,ou=Groups,dc=domain,dc=com "(&(cn=%u)(objectClass=groupOfUniqueNames)(objectclass=posixgroup))" "(&(gidNumber=%u)(objectClass=groupOfUniqueNames)(objectclass=posixgroup))" "(&(uniqueMember=uid=%u,ou=People,dc=domain,dc=com)(objectClass=groupOfUniqueNames)(objectclass=posixgroup))"
26.    # create home directory, has to be writable by the proftpd user
27.    LDAPGenerateHomedirPrefix "/var/ftp/home/"
28.    LDAPGenerateHomedir on
29.    LDAPGenerateHomedir on
30.    LDAPForceGeneratedHomedir on
31. </IfModule>