Set up Active Directory or LDAP Authentication in TurboFTP File Transfer Server
Active Directory is Microsoft’s implementation of LDAP (Lightweight Directory Access Protocol). It provides a broad range of services that Windows domain networks depend on. Through Active Directory, users and their access to domain resources can be managed centrally. Setting up Active Directory authentication for an FTP or SFTP server lets the file transfer service use AD as its authentication source, with the same set of users maintained in AD, so it fits easily into a corporate environment.

TurboFTP Server has built-in support for Active Directory and LDAP. Active Directory or LDAP authentication for the secure FTP server can be configured and tested through its Management Console (the TSRMC program).

This step-by-step guide will show you how to configure FTP/SFTP server Active Directory or OpenLDAP authentication in TurboFTP Server.

Overview

Several techniques can make connections to an FTP server more secure; one of them is Active Directory or LDAP integrated authentication.
This step-by-step guide shows how to configure Active Directory and OpenLDAP as the authentication provider.

Create AD Bind account for TurboFTP Server

  1. Right-click on the Users OU and select New => User.

  2. Provide the first, last, display and login names and click Next.

  3. Specify a password, click Next and then Finish.

  4. Using the same approach, create a new user account.

  5. Double-click on the newly created user and go to the Profile tab.

  6. Specify the path to the user’s home directory.

Configure TurboFTP Server to use Active Directory authentication

  1. Create a new domain.

  2. Specify the domain name and IP address.

  3. Select the Active Directory Authentication method and fill in all fields.

  4. You can enable "Use User Principal Name to log in", so that the domain user login name is in UPN form rather than FQDN.
    For example, user (cn=jsmith, OU=Users, DC=test, DC=local) should log in as jsmith@test.local.

  5. Click the Test button and provide the BindDN login and password.

  6. If the connection is successful, you will see a confirmation message.

  7. Specify the FTP server's root folder.

Create LDAP bind account

  1. Create an answer file named tbftpsrv.ldif:

    dn: ou=Users,dc=test,dc=local
    objectClass: organizationalUnit
    ou: Users

    dn: uid=tbftpsrv,ou=Users,dc=test,dc=local
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: tbftpsrv
    sn: tbftpsrv
    givenName: tbftpsrv
    cn: tbftpsrv
    displayName: tbftpsrv
    uidNumber: 10000
    gidNumber: 5000
    userPassword: !TurboFTP_Bind_Account_Password!
    gecos: tbftpsrv
    loginShell: /bin/bash
    homeDirectory: /home/tbftpsrv

  2. Add the bind account to the LDAP directory.

    ldapadd -x -D cn=admin,dc=test,dc=local -W -f tbftpsrv.ldif

  3. You will be asked for the admin password.

    Enter LDAP Password: ********

  4. If the password is correct, you will see that the entries from the file have been added.

    adding new entry "ou=Users,dc=test,dc=local"
    adding new entry "uid=tbftpsrv,ou=Users,dc=test,dc=local"

  5. Using the same approach, create a new user account by creating a new file, jsmith.ldif:

    dn: uid=jsmith,ou=Users,dc=test,dc=local
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: jsmith
    sn: Smith
    givenName: John
    cn: John Smith
    displayName: John Smith
    uidNumber: 10001
    gidNumber: 5001
    userPassword: !UserPassword!
    gecos: John Smith
    loginShell: /bin/bash
    homeDirectory: /home/jsmith

Configure TurboFTP Server to use LDAP authentication

  1. Create a new domain.

  2. Specify the domain name and IP address.

  3. Select the LDAP Authentication method and fill in all fields.

  4. You can enable "Use User Principal Name to log in", so that the domain user login name is in UPN form rather than FQDN.
    For example, user (cn=jsmith, OU=Users, DC=test, DC=local) should log in as jsmith@test.local.

  5. Click the Test button and provide the BindDN login and password.

  6. If the connection is successful, you will see a message.

  7. Specify the FTP server's root folder.

Refresh user list

  1. By default, TurboFTP Server doesn’t refresh the AD user list, so it is empty. To refresh the user list, click the Refresh button.

  2. The user list should now be populated.