
more ldap server

Posted: Fri Jun 11, 2021 10:29 am
by andrydo
Hi all,
I'm using "wing ftp server" 6.5.6 (windows) in our dmz zone.
I need to enter more than one ldap server in "Authentication settings" tab.
I can't open DNS requests through the firewall, so I can use only the "hosts" file.
The question is:
May I enter more than one name (or IP) in "ldap host information" (this may be a "single point of failure")?

Inside your board I found the following suggestions:
The second is still right for me (especially the need to install a special "luasocket library")?

Kind Regards

Re: more ldap server

Posted: Wed Jun 23, 2021 1:36 pm
by FTP
Please have a look at this blog article first:

Then modify the event script like this:

Code:
-- Addresses of the two LDAP servers (fill in your own)
local ldapServer1 = ""
local ldapServer2 = ""
local bindDN = "cn=%Name,cn=users,dc=wftpserver,dc=com"
local bindPass = "%Password"
-- Try the first server; if its bind test fails, try the second
if c_TestLDAP("%Domain", ldapServer1, 389, 3, 0, bindDN, bindPass) or c_TestLDAP("%Domain", ldapServer2, 389, 3, 0, bindDN, bindPass) then
   bSelfAuthenticated = true
end

You need to replace the first three lines with your own server addresses and bind DN.

Re: more ldap server

Posted: Mon Jun 28, 2021 8:27 am
by andrydo
Thanks for your suggestions.

I just needed to get some clarification on the strings to be inserted in "local BindDN=" and "local BindPass=".
Are "%Name" and "%Password" parameters entered by the user at logon time?

Are these different from the parameters we entered in the "Bind Dn" field in "bind using simple authentication"?
In "Bind Dn" field we entered:
"CN=g******g,CN=Users,DC=pam,DC=local" where g******G is the user that can query our AD tree.

Best Regards

Re: more ldap server

Posted: Tue Jun 29, 2021 6:09 am
by FTP
Yes, the variables "%Name" and "%Password" mean the username and password entered by the client.
And the bind DN variable is similar; you can try the following bind DN string:
local bindDN = "CN=%Name,CN=Users,DC=pam,DC=local"
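
The two-server bind check and the per-user bind DN discussed in this thread, as an added example that is not part of the original posts and is not Wing FTP's own code: it tries each server in order, escapes the user name before placing it in the DN, and refuses empty passwords. The names `authenticate`, `escapeDnValue`, `fakeBind`, the `{name}` placeholder and the host names are assumptions; the bind test is passed in as a function with the argument order of the thread's `c_TestLDAP` call.

```lua
-- Escape a user-supplied value for use inside a DN attribute (RFC 4514).
local function escapeDnValue(value)
  local escaped = value:gsub('[\\,+"<>;=]', "\\%0") -- DN special characters
  escaped = escaped:gsub(" $", "\\ ")               -- trailing space
  escaped = escaped:gsub("^[ #]", "\\%0")           -- leading space or '#'
  return escaped
end

-- Try every server in order and return true plus the host that accepted the bind.
-- testBind: bind check taking the same arguments as the thread's c_TestLDAP call.
-- dnTemplate: bind DN with a "{name}" placeholder (hypothetical convention).
local function authenticate(testBind, domain, servers, dnTemplate, name, password)
  -- A simple bind with an empty password is an unauthenticated bind
  -- (RFC 4513, section 5.1.2) that some directory servers report as success,
  -- so it is rejected before any server is contacted.
  if name == "" or password == "" or name:find("%c") then
    return false
  end
  local bindDN = dnTemplate:gsub("{name}", function()
    return escapeDnValue(name)
  end)
  for _, host in ipairs(servers) do
    -- 389, 3, 0 are copied unchanged from the call shown in the thread.
    if testBind(domain, host, 389, 3, 0, bindDN, password) then
      return true, host
    end
  end
  return false
end

-- Constructed stand-in for the bind test: the first host always fails (as if
-- unreachable), the second accepts one known DN and password.
local function fakeBind(domain, host, port, arg4, arg5, dn, pass)
  if host == "ldap1.example.test" then return false end
  return dn == "CN=alice,CN=Users,DC=pam,DC=local" and pass == "s3cret"
end

-- Constructed sample input.
local servers = { "ldap1.example.test", "ldap2.example.test" }
local template = "CN={name},CN=Users,DC=pam,DC=local"

print(authenticate(fakeBind, "pam", servers, template, "alice", "s3cret"))
print(authenticate(fakeBind, "pam", servers, template, "alice", ""))
print(authenticate(fakeBind, "pam", servers, template, "alice,CN=Users", "s3cret"))
print(escapeDnValue("alice,CN=Users"))
```

Because the bind test returns only true or false, a wrong password is retried against every server in the list, so each failed login can count once per server toward an account-lockout threshold.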