Set up Active Directory or LDAP Authentication in TurboFTP File Transfer Server
Active Directory is Microsoft’s implementation of LDAP (Lightweight Directory Access Protocol). It provides a broad range of services that Windows domain networks depend on. Through Active Directory, users and their access to domain resources can be managed centrally. Setting up Active Directory authentication for an FTP or SFTP server lets the file transfer service use AD as its authentication source, and reusing the user set already maintained in AD makes the server fit easily into a corporate environment.

TurboFTP Server has built-in support for Active Directory and LDAP. Active Directory or LDAP authentication for the secure FTP server can be configured and tested through its Management Console (TSRMC program).

This step-by-step guide will show you how to configure FTP/SFTP server Active Directory or OpenLDAP authentication in TurboFTP Server.

Overview

Several techniques can be used to make the connection to the FTP server more secure, and one of them is to use Active Directory or LDAP integrated authentication.
This step-by-step guide will show you how to configure Active Directory and OpenLDAP as the authentication provider.

Create an AD Bind account for TurboFTP Server

  1. Right-click the Users OU and select New => User.

  2. Provide First, Last, Display, and login name and click Next.

  3. Specify a password, click Next, and Finish.

  4. Use the same approach to create a New User account.

  5. Double-click on the newly created user and go to the Profile tab.

  6. Specify the path to the user’s home directory.

Configure TurboFTP Server to use Active Directory authentication

  1. Create New Domain.

  2. Specify the domain name and IP address.

  3. Select Active Directory Authentication method and fill all fields.

  4. You can enable "Use User Principal Name to log in", in which case the domain user login name must be in UPN form rather than FQDN.
    For example, user (cn=jsmith, OU=Users, DC=test, DC=local) should log in as jsmith@test.local.

  5. Click the Test button and provide the BindDN login and password.

  6. If the connection is successful, you will see a confirmation message.

  7. Specify the FTP server's root folder.

Create an LDAP bind account

  1. Create an answer file named tbftpsrv.ldif

    dn: ou=Users,dc=test,dc=local
    objectClass: organizationalUnit
    ou: Users

    dn: uid=tbftpsrv,ou=Users,dc=test,dc=local
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: tbftpsrv
    sn: tbftpsrv
    givenName: tbftpsrv
    cn: tbftpsrv
    displayName: tbftpsrv
    uidNumber: 10000
    gidNumber: 5000
    userPassword: !TurboFTP_Bind_Account_Password!
    gecos: tbftpsrv
    loginShell: /bin/bash
    homeDirectory: /home/tbftpsrv

  2. Add the bind account to the LDAP directory.

    ldapadd -x -D cn=admin,dc=test,dc=local -W -f tbftpsrv.ldif

  3. You will be asked for the admin password.

    Enter LDAP Password: ********

  4. If the password is correct, you will see that the entries from the file have been added.

    adding new entry "ou=Users,dc=test,dc=local"
    adding new entry "uid=tbftpsrv,ou=Users,dc=test,dc=local"

  5. Using the same approach, create a New User account by creating a new file, jsmith.ldif.

    dn: uid=jsmith,ou=Users,dc=test,dc=local
    objectClass: inetOrgPerson
    objectClass: posixAccount
    objectClass: shadowAccount
    uid: jsmith
    sn: Smith
    givenName: John
    cn: John Smith
    displayName: John Smith
    uidNumber: 10001
    gidNumber: 5001
    userPassword: !UserPassword!
    gecos: John Smith
    loginShell: /bin/bash
    homeDirectory: /home/jsmith

Configure TurboFTP Server to use LDAP authentication

  1. Create New Domain.

  2. Specify a domain name and IP address.

  3. Select the LDAP Authentication method and fill in all fields.

  4. You can enable "Use User Principal Name to log in", in which case the domain user login name must be in UPN form rather than FQDN.
    For example, user (cn=jsmith, OU=Users, DC=test, DC=local) should log in as jsmith@test.local.

  5. Click the Test button and provide the BindDN login and password.

  6. If the connection is successful, you will see a message.

  7. Specify the FTP server root folder.

Refresh user list

  1. By default, TurboFTP Server doesn’t refresh the AD user list, so it’s empty. To refresh the user list, click the Refresh button.

  2. The user list should now be populated.