add documantation of additional requirements for FTP so that users can

log in and access files using the AD username/password

(This used to be ctdb commit 679e125770247fc24dfb14b5781d44f639457ecd)

1 files changed, 38 insertions, 0 deletions

diff --git a/ctdb/web/ftp.html b/ctdb/web/ftp.html
index 2f94a73eba..b1d1d17362 100644
--- a/ctdb/web/ftp.html
+++ b/ctdb/web/ftp.html
@@ -25,6 +25,44 @@ Disable vsftpd in chkconfig so that it does not start by default. Instead CTDB w
   chkconfig vsftpd off
 </pre>
 
+<h2>PAM configuration</h2>
+PAM must be configured to allow authentication of CIFS users so that the ftp 
+daemon can authenticate the users logging in.
+
+Make sure the following line is present in /etc/pam.d/system-auth
+<pre>
+auth        sufficient    pam_winbind.so use_first_pass
+
+</pre>
+If this line is missing you must enable winbind authentication by running 
+<pre>
+authconfig  --enablewinbindauth --update
+</pre>
+
+<h2>Default shell</h2>
+To log in to the ftp server, the user must have a shell configured in smb.conf.
+
+Add the following line to the globals section of /etc/samba/smb.conf 
+<pre>
+	template shell = /bin/bash
+</pre>
+
+<h2>Home directory</h2>
+FTP users must have a home directory configured so they can log in.
+Configure samba to provide home directories for domain users. These home 
+directories should be stored on shared storage so they are available from
+all nodes in the cluster.<br>
+
+
+A simple way to create homedirectories are to add
+<pre>
+	template homedir = /&lt;shared storage&gt;/homedir/%D/%U
+</pre>
+to /etc/samba/smb.conf .<br>
+
+The homedirectory must exist or the user will not be able to log in with FTP.
+
+
 <h2>Events script</h2>
 
 The CTDB distribution already comes with an events script for vsftp in the file /etc/ctdb/events.d/40.vsftpd<br><br>