Virtual Mail And FTP Hosting With iRedMail And Pure-FTPd - Page 2

6 Add LDAP attributes and values

Add LDAP attributes and values for exist mail user

Use phpLDAPadmin or other tools to add sample LDAP attributes and values for existing mail users.

Attribute Name Value
objectClass PureFTPdUser
FTPStatus enabled
FTPQuotaFiles 50
FTPQuotaMBytes 10
FTPDownloadBandwidth 50
FTPUploadBandwidth 50
FTPDownloadRatio 5
FTPUploadRatio 1
FTPHomeDir /home/ftp/example.com/username/

Log into phpLDAPadmin:

Find the existing mail user [email protected]:

Add Object Class for the user [email protected]:

Select the Object Class PureFTPdUser:

The result:

Add PureFTPdUser attitbute:

All the attributes about PureFTPdUser:

Enable FTP status:

Add all the PureFTP attributes according to the below form:

 

Add LDAP attributes and values for new user

You can use the iredmail tools to quickly create a new user including the PureFTP attributes and values.

cd /iRedMail-0.5.0-rc2/tools/ 
vi create_mail_user_OpenLDAP.sh
LDAP_SUFFIX="dc=example,dc=com" # <- Change the LDAP suffix
BINDPW='passwd'                 # <- The user cn=manager,dc=example,dc=com password
PUREFTPD_INTEGRATION='YES'      # <- Change form NO to YES,enable the pureftp inteegration

Run the script create the users user1 and user2. By default, the default password is same as the user name.

bash create_mail_user_OpenLDAP.sh example.com user1 user2

adding new entry "ou=Users,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)

adding new entry "ou=Groups,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)

adding new entry "ou=Aliases,domainName=example.com,o=domains,dc=example,dc=com"
ldapadd: Already exists (68)

adding new entry "[email protected],ou=Users,domainName=example.com,o=domains,dc=example,dc=com"

adding new entry "[email protected],ou=Users,domainName=example.com,o=domains,dc=example,dc=com"

 

7 Configure iptables

By default the ports 20 and 21 are not open. If you use the ftp client test, you need open the ports 20 and 21.

vi /etc/sysconfig/iptables
# http/https, smtp/smtps, pop3/pop3s, imap/imaps, ssh
-A INPUT -p tcp -m multiport --dport 80,443,25,465,110,995,143,993,587,465,22,20,21 -j ACCEPT # <-- Add 20 21 

Restart the iptables service:

/etc/init.d/iptables restart

 

8 Testing

You can use a Windows FTP client or the Linux ftp client lftp for testing.

lftp localhost 
lftp localhost:~> debug 4
lftp localhost:~> login [email protected] user1 # <-- type in the username and password
lftp [email protected]@localhost:~> ls

---- Connecting to localhost (127.0.0.1) port 21
<--- 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
<--- 220-You are user number 1 of 50 allowed.
<--- 220-Local time is now 16:25. Server port: 21.
<--- 220-IPv6 connections are also welcome on this server.
<--- 220 You will be disconnected after 15 minutes of inactivity.
<--- 211-Extensions supported:
<--- EPRT
<--- IDLE
<--- MDTM
<--- SIZE
<--- REST STREAM
<--- MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
<--- MLSD
<--- ESTP
<--- PASV
<--- EPSV
<--- SPSV
<--- ESTA
<--- AUTH TLS
<--- PBSZ
<--- PROT
<--- UTF8
<--- 211 End.
<--- 500 This security scheme is not implemented
<--- 200 OK, UTF-8 enabled
<--- 200 MLST OPTS type;size;sizd;modify;UNIX.mode;UNIX.uid;UNIX.gid;unique;
<--- 331 User [email protected] OK. Password required
<--- 230-Your bandwidth usage is restricted
<--- 230-User [email protected] has group access to: vmail
<--- 230-You must respect a 1:5 (UL/DL) ratio
<--- 230-OK. Current restricted directory is /
<--- 230-0 files used (0%) - authorized: 50 files
<--- 230 0 Kbytes used (0%) - authorized: 10240 Kb
<--- 257 "/" is your current location
<--- 227 Entering Passive Mode (127,0,0,1,32,58)
<--- 150 Accepted data connection
drwxr-xr-x 2 500 vmail 4096 Jun 10 16:16 .
drwxr-xr-x 2 500 vmail 4096 Jun 10 16:16 ..
-rw------- 1 500 vmail 0 Jun 10 16:16 .ftpquota

 

9 Troubleshooting

Enable verbose logging in pure-ftpd.conf:

vi /etc/pure-ftpd/pure-ftpd.conf
VerboseLog                  yes # <-- change form no to yes 
vi /etc/syslog.conf
ftp.*                       -/var/log/pureftpd.log # <-- Add entry

Enable ldap logging:

vi /etc/openldap/slapd.conf
loglevel    256 # <-- change from 0 to 256 

Restart pure-ftpd, syslog, and openldap:

/etc/init.d/pure-ftpd restart
/etc/init.d/syslog restart
/etc/init.d/ldap restart

Monitor /var/log/pureftpd.log and /var/log/openldap.log for troubleshooting.

tail -0f /var/log/openldap.log
tail -0f /var/log/pureftpd.log

 

Share this page:

0 Comment(s)