
Repadmin Examples for Active Directory

Example 1: Display the replication partners of a server

The following example uses the showrepl operation of Repadmin to display the replication partners of Server1. This command is also used to find the objectGUID and InvocationID for a server for use with other operations.

No parameters are required for the showrepl operation. A remote connection is assumed; therefore, the server name (DC in the syntax) is included.

Type the following at the command prompt:

repadmin /showrepl server1.microsoft.com

Press Enter and the following output is displayed:

repadmin /showrepl server1.microsoft.com
Building7a\server1
DC Options : IS_GC
Site OPtions: (none)
DC object GUID : 405db077-le28-4825-b225-c5bb9af6f50b
DC invocationID: 405db077-le28-4825-b225-c5bb9af6f50b

==== INBOUND NEIGHBORS ======================================

CN=Schema,CN=Configuration,DC=microsoft,Dc=com
    Building7b\server2 via RPC
         objectGuid: e55c6c75-75bb-485a-a0d3-020a44c3afe7
         last attempt @ 2002-09-09 12:25.35 was successful.


CN=Configuration,DC=microsoft,Dc=com
    Building7b\server2 via RPC
          objectGuid: e55c6c75-75bb-485a-a0d3-020a44c3afe7
         last attempt @ 2002-09-09 12:25.10 was successful.


DC=microsoft,Dc=com
     Building7b\server2 via RPC
          objectGuid: e55c6c75-75bb-485a-a0d3-020a44c3afe7
          last attempt @ 2001-09-09 12:25.11 was successful.



Example 2: Initiate a replication event between two replication partners

The following example uses the replicate operation of Repadmin to make Server2 initiate replication of the domain directory partition for microsoft.com from Server1. In this example, Server1 is the source server and Server2 is the destination server.

The required parameters for the replicate operation are the name of the server that will receive changes (DestDC in the syntax), the name of the directory partition (NamingContext in the syntax), and the name of the server that will send the changes (SrcDC in the syntax).

Type the following at the command prompt:

repadmin /replicate server2.microsoft.com server1.microsoft.com dc=microsoft,dc=com

Press Enter and the following output is displayed:

server2.microsoft.com
Sync from server1.microsoft.com to server2.microsoft.com completed successfully.

Example 3: Initiate a replication event for a specified directory partition with all of its replication partners

The following example uses the syncall operation of Repadmin to make Server1 initiate replication of the domain directory partition for microsoft.com from all of its source replication partners in the same site and to make all of the source replication partners initiate replication for microsoft.com from all of their source replication partners in the same site, and so on.

The required parameter for the syncall operation is the server name (DC in the syntax). The name of the directory partition (NamingContext in the syntax) that will be synchronized is also included in this example. If this name is not included, only the configuration partition is synchronized.

Type the following at the command prompt:

repadmin /syncall server1.microsoft.com dc=microsoft,dc=com

Press Enter and the following output is displayed:

repadmin /syncall server1 dc=microsoft,dc=com
Syncing partition: dc=microsoft,dc=com
CALLBACK MESSAGE: The following replication is in progress:
    From: fea22f1d-a456-4f70-aa06-bedbda29e7eb._msdcs.microsoft.com
    To  : 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb._msdcs.microsoft.com
CALLBACK MESSAGE: The following replication completed successfully:
    From: fea22f1d-a456-4f70-aa06-bedbda29e7eb._msdcs.microsoft.com
    To  : 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb._msdcs.microsoft.com
CALLBACK MESSAGE: SyncAll Finished.
SyncAll terminated with no errors.

Example 4: Display the highest Update Sequence Number on a server

The following example uses the showutdvec operation of Repadmin to show the highest USNs for a specified directory partition on each replication partner. In this example, there are only two replication partners and the directory partition is the domain directory partition for the microsoft.com domain.

The only required parameter for the showutdvec operation is the distinguished name of the directory partition (NamingContext in the syntax). A remote connection is assumed so a server name (DC_LIST in the syntax) is also included.

Type the following at the command prompt:

repadmin /showutdvec . dc=microsoft,dc=com server2.microsoft.com

Press Enter and the following output is displayed:

repadmin running command /showutdvec against server localhost

Caching GUIDs.
..
Building7b\Server1    @ USN    295458 @ Time 2002-09-09 19:33:42
Building7b\Server2    @ USN    338194 @ Time 2002-09-09 19:38:16


 

Example 5: View unreplicated changes between two servers

The following example uses the showchanges operation of Repadmin to view changes that have not yet replicated between Server1 and Server2. In this example Server1 is the source server and is sending the changes while Server2 is the destination server and is receiving the changes.

This is one implementation of the showchanges operation. For another implementation of this operation see Example 6: Create a file to determine what changes have occurred over a period of time.

The required parameters for this version of the showchanges operation are the objectGuid of the directory partition on the source server (referred to as SourceDCObjectGUID in the syntax line) and the name of the directory partition (referred to in the syntax line as NamingContext). A remote connection is assumed so the destination server name (referred to in the syntax line as DestDC) is also included.

Type the following at the command prompt:

repadmin /showchanges server2.microsoft.com 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb dc=microsoft,dc=com

Press Enter and the following output is displayed:

server2.microsoft.com
Building starting position from destination server rktlabdc2.rktlabdom.com

Source Neighbor:
dc=microsoft,dc=com
==== INBOUND NEIGHBORS ======================================

dc=microsoft,dc=com
    Building7b\Server1 via RPC
        DC object GUID: 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb
        Address: 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb._msdcs.microsoft.com
        DC invocationID: 064152bc-f8e8-404f-bd64-cdd9bb3958cb
        SYNC_ON_STARTUP DO_SCHEDULED_SYNCS WRITEABLE
        USNs: 296048/OU, 296048/PU
        Last attempt @ 2002-09-09 20:03:53 was successful.

Destination's up-to-date vector:
064152bc-f8e8-404f-bd64-cdd9bb3958cb @ USN 296163
fea22f1d-a456-4f70-aa06-bedbda29e7eb @ USN 338287

==== SOURCE DC: 5c02bcaf-86d9-4bed-811e-d17a5cebf8bb._msdcs.microsoft.com ====

No Changes


 

Example 6: Create a file to determine what changes have occurred over a period of time

The following example uses the showchanges operation of Repadmin to create a file that records replication changes. By running the showchanges operation later you can compare the file created earlier to the current replication state.

This is one implementation of the showchanges operation. For another implementation of this operation see Example 5: View unreplicated changes between two servers.

The only required parameter for this version of the showchanges operation is the name of the directory partition (NamingContext in the syntax) on which the check should be performed. In this example, the check is performed remotely so the server name (SourceDC in the syntax) is included as well as the /cookie: parameter, along with the name of the file to be created.

Type the following at the command prompt:

repadmin /showchanges dc=microsoft,dc=com server2.microsoft.com /cookie:microsoft.txt

Press Enter and the following output is displayed:

pDcList->szSp.. server2
Using cookie from file test.txt (132 bytes)

==== SOURCE DC: server2 ====

Objects returned: 2
(0) modify CN=00000000000000000000000000000000,CN=VolumeTable,CN=FileLinks,CN=Sy
stem,DC=rktlabdom,DC=com
    1> objectGUID: c4955e2f-ab7c-4f96-bdb6-bf29b97ce3df
    1> instanceType: 0x4 = ( IT_WRITE )
    1> seqNotification: 130
(1) modify DC=..SerialNo-server1.microsoft.com,DC=microsoft.com,CN=MicrosoftDN
S,CN=System,DC=microsoft,DC=com
    1> objectGUID: 0422b130-bf39-4549-aeea-64ed264d10c2
    1> instanceType: 0x4 = ( IT_WRITE )
    1> dnsRecord: <32 byte blob>
New cookie written to file microsoft.txt (132 bytes)

Example 7: Display the connection objects for a server

The following example uses the showconn operation of Repadmin to show connection objects for a server.

No parameters are required for the showconn operation. In this example, a remote connection is assumed so the server name (DC_LIST in the syntax) is specified. All connection objects for Server2 are shown.

Type the following at the command prompt:

repadmin /showconn server2.microsoft.com

Press Enter and the following output is displayed:

repadmin running command /showconn against server server2.microsoft.com

Show Connection Objects
Base DN:   CN=Building7b,CN=Sites,CN=Configuration,DC=microsoftDc=com
==== KCC CONNECTION OBJECTS ============================================
Connection --
    Connection name : b415ba00-8d8d-429b-8a3d-21fd06a99a6c
    Server DNS name : server2.microsoft.com
    Server DN  name : CN=NTDS Settings,CN=SERVER2,CN=Servers,CN=Building7b,CN=Sites,CN=Configuration,DC=microsoft,DC=com
 Source: Building7b\Server2
         No Failures.
 TransportType: intrasite RPC
 options:  isGenerated
  Reason:  RingTopology
          Replica link has been added.
  ReplicatesNC: DC=DomainDnsZones,DC=microsoft,DC=com
  Reason:  RingTopology
          Replica link has been added.
  ReplicatesNC: CN=Configuration,DC=microsoft,DC=com
  Reason:  RingTopology
          Replica link has been added.
  ReplicatesNC: DC=microsoft,DC=com
  Reason:  RingTopology
          Replica link has been added.
  ReplicatesNC: CN=Schema,CN=Configuration,DC=microsoft,DC=com
  Reason:  RingTopology
          Replica link has been added.
Connection --
    Connection name : 2357ff7a-4e54-46e2-a387-2e35b0560ab7
    Server DNS name : server2.microsoft.com
    Server DN  name : CN=NTDS Settings,CN=RKTLABDC2,CN=Servers,CN=Building7b,CN=Sites,CN=Configuration,DC=microsoft,DC=com
        Source: Building7b\Server2
                No Failures.
        TransportType: intrasite RPC
        options:  isGenerated
        ReplicatesNC: DC=DomainDnsZones,DC=microsoft,DC=com
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: DC=ForestDnsZones,DC=microsoft,DC=com
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: CN=Configuration,DC=microsoft,DC=com
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: DC=microsoft,DC=com
        Reason:  RingTopology
                Replica link has been added.
        ReplicatesNC: CN=Schema,CN=Configuration,DC=microsoft,DC=com
        Reason:  RingTopology
                Replica link has been added.
2 connections found.         
        

Example 8: Display the replication signature for a server

The following example uses the showsig operation of Repadmin to show the replication signature for a server.

No parameters are required for the showsig operation. In this example, a remote connection is assumed so the server name (DC_LIST in the syntax) is specified.

Type the following at the command prompt:

repadmin /showsig server1.microsoft.com

Press Enter and the following output is displayed:

server1.microsoft.com
Building7a\server1

Current DC invocationID: 415db077-1e28-4588-b255-c5bb9af6f50b (current)

No retired signatures.

Example 9: Display the context handles for the replication process

The following example uses the showctx operation of Repadmin to show the open connections to the server that are established by remote servers.

No parameters are required for the showctx operation. This example specifies the server name (DC_LIST in the syntax) on which the check should be performed.

Type the following at the command prompt:

repadmin /showctx server2.microsoft.com

Press Enter and the following output is displayed:

server1.microsoft.com
Caching GUIDs.
..
3 open context handles.

NTDSAPI client @ 10.193.36.209 (PID 1528) (Handle 0x20b8a38)
    bound, refs=1, last used 2002-09-09 14:21:41

Building7a\Server1 @ 10.193.36.210 (PID 460) (Handle 0x20b8c40)
    bound, refs=1, last used 2002-09-09 14:23:22

NTDSAPI client @ 10.193.36.210 (PID 2976) (Handle 0x20bb960)
    bound, refs=2, last used 2002-09-09 14:23:28


Example 10: Showing the replication status of a forest using replsummary and wildcard characters.

The following example uses the replsummary operation and a wildcard character to show a summary of the replication status for all the domain controllers in the forest with a name beginning with ‘FOURTH’.

Type the following at the command prompt:

repadmin /replsummary FOURTH*

Press Enter and the following output is displayed:

repadmin /replsummary FOURTH*
Replication Summary Start Time: 2002-09-18 14:54:49

Beginning data collection for replication summary, this may take awhile:

Source DC           largest delta  fails/total  %%  error
 FOURTH-CLT-DC-01             54m:57s    0 /   9    0
 FOURTH-DC-05                 41m:23s    0 / 175    0
 FOURTH-DC-06                 55m:08s    0 /  66    0
 FOURTH-DC-07                 09m:29s    0 /  97    0
 FOURTH-DC-08             18h:05m:02s   56 /  56  100  (1722) The RPC server is unavailable.
 FOURTH-DC-09                 56m:47s    0 /  12    0
 FOURTH-DC-10                 55m:10s    0 /  13    0
 FOURTH-DC-11                 56m:48s    0 /  46    0
 FOURTH-DC-12                 57m:09s    0 /  34    0
 FOURTH-DC-13                 55m:52s    0 /  64    0
 FOURTH-DC-14                 55m:52s    0 /  85    0
 FOURTH-DC-15                 09m:21s    0 /  50    0
 FOURTH-DC-16                 58m:02s    0 /  37    0
 FOURTH-DC-17                 57m:00s    0 /  48    0
 FOURTH-DC-18                 57m:00s    0 /  22    0
 FOURTH-DC-19                 58m:02s    0 /  22    0
 FOURTH-DC-20                 08m:05s    0 /  22    0
 FOURTH-DC-21                 05m:43s    0 /  22    0
 FOURTH-DC-22             09h:06m:29s    0 / 199    0
 FOURTH-DC-23                 09m:29s    0 /  34    0
 FOURTH-DC-24                 56m:48s    0 / 184    0
 FOURTH-DC-25                 41m:22s    0 /  71    0
 FOURTH-DC-26                 08m:16s    0 / 108    0
 FOURTH-DC-30                 55m:13s    0 /  47    0
 FOURTH-DC-31                 41m:23s    0 /  56    0
 FOURTH-SVC-DC-40             57m:02s    0 /   9    0
 FOURTH-TK-DC-27              07m:02s    0 /  54    0
 FOURTH-TK-DC-28              08m:01s    1 / 161    0  (8461) The replication operation was preempted.
 FOURTH-TK-DC-29              55m:10s    0 / 115    0
 
Experienced the following operational errors trying to retrieve replication information:
          58 - fourth-dc-08.fourthcoffee.com
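
An added example (not part of the original post): a Python parser for the replsummary table above that flags domain controllers with failed attempts or a largest delta above a threshold, since a stale partner has not yet received account disables or password changes. The sample rows are copied from the output above; the 2-hour threshold, the function names and the acceptance of a day field in the delta are assumptions.

```python
import re
from datetime import timedelta

# Rows copied from the /replsummary output above (a subset of the table).
SAMPLE = """\
Source DC           largest delta  fails/total  %%  error
 FOURTH-CLT-DC-01             54m:57s    0 /   9    0
 FOURTH-DC-08             18h:05m:02s   56 /  56  100  (1722) The RPC server is unavailable.
 FOURTH-DC-21                 05m:43s    0 /  22    0
 FOURTH-DC-22             09h:06m:29s    0 / 199    0
 FOURTH-TK-DC-28              08m:01s    1 / 161    0  (8461) The replication operation was preempted.
"""

# name, largest delta, fails / total, percent, optional "(code) message".
# A day field ("d") is accepted as an assumption; the sample only shows h/m/s.
ROW = re.compile(
    r"^\s*(?P<dc>\S+)\s+(?P<delta>(?:\d+[dhms][:.]?)+)\s+"
    r"(?P<fails>\d+)\s*/\s*(?P<total>\d+)\s+(?P<pct>\d+)"
    r"(?:\s+\((?P<code>\d+)\)\s+(?P<msg>.*\S))?\s*$"
)
UNITS = {"d": "days", "h": "hours", "m": "minutes", "s": "seconds"}


def parse_delta(text):
    """Convert '18h:05m:02s' or '54m:57s' into a timedelta."""
    fields = re.findall(r"(\d+)([dhms])", text)
    return timedelta(**{UNITS[unit]: int(num) for num, unit in fields})


def parse_summary(text):
    """Return one dict per data row; header and free-text lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        rows.append({
            "dc": m["dc"],
            "delta": parse_delta(m["delta"]),
            "fails": int(m["fails"]),
            "total": int(m["total"]),
            "code": int(m["code"]) if m["code"] else None,
            "msg": m["msg"],
        })
    return rows


def find_problems(rows, max_delta=timedelta(hours=2)):
    """Flag DCs with failed attempts or a largest delta above max_delta."""
    problems = []
    for row in rows:
        reasons = []
        if row["fails"]:
            detail = f" ({row['code']}: {row['msg']})" if row["code"] else ""
            reasons.append(f"{row['fails']}/{row['total']} attempts failed{detail}")
        if row["delta"] > max_delta:
            reasons.append(f"largest delta {row['delta']} exceeds {max_delta}")
        if reasons:
            problems.append((row["dc"], reasons))
    return problems


if __name__ == "__main__":
    for dc, reasons in find_problems(parse_summary(SAMPLE)):
        print(dc, "->", "; ".join(reasons))
```

FOURTH-DC-22 is reported even though it has zero failures: its largest delta of just over nine hours is only visible when the delta column is checked alongside the failure count.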

Example 11: Showing the attributes of a specific object.

The following example uses the showattr operation to show the attributes of a specific object in the Active Directory.

Type the following at the command prompt:

repadmin /showattr fsmo_dnm: ncobj:config: /subtree /filter:(objectClass=crossRef) /atts:nCName,dnsRoot,net,dnsRoot,net,biosname,systemFlags /homeserver:FOURTH-DC-26

Press Enter and the following output is displayed:

repadmin running command /showattr against server aseanl-test2.fourthcoffee.com

DN: CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=fourthcoffee,DC=com
    1> nCName: CN=Configuration,DC=fourthcoffee,DC=com
    1> dnsRoot: fourthcoffee.com
    1> systemFlags: 0x1 = ( FLAG_CR_NTDS_NC )
DN: CN=fourthcoffee,CN=Partitions,CN=Configuration,DC=fourthcoffee,DC=com
    1> nCName: DC=fourthcoffee,DC=com
    1> dnsRoot: fourthcoffee.com
    1> systemFlags: 0x3 = ( FLAG_CR_NTDS_NC | FLAG_CR_NTDS_DOMAIN )
DN: CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=fourthcoffee,DC=com
    1> nCName: CN=Schema,CN=Configuration,DC=fourthcoffee,DC=com
    1> dnsRoot: fourthcoffee.com
    1> systemFlags: 0x1 = ( FLAG_CR_NTDS_NC )
DN: CN=866c366e-7877-49e5-8121-67eefd488551,CN=Partitions,CN=Configuration,DC=fourthcoffee,DC=com
    1> nCName: DC=DomainDnsZones,DC=fourthcoffee,DC=com
    1> dnsRoot: DomainDnsZones.fourthcoffee.com
    1> systemFlags: 0x5 = ( FLAG_CR_NTDS_NC | FLAG_CR_NTDS_NOT_GC_REPLICATED )
DN: CN=a07b7cea-1754-478c-84a5-c7b127ba5024,CN=Partitions,CN=Configuration,DC=fourthcoffee,DC=com
    1> nCName: DC=ForestDnsZones,DC=fourthcoffee,DC=com
    1> dnsRoot: ForestDnsZones.fourthcoffee.com
    1> systemFlags: 0x5 = ( FLAG_CR_NTDS_NC | FLAG_CR_NTDS_NOT_GC_REPLICATED )

 


Installing and Configuring VSFTPD on Backtrack

Assalamu’alaikum Wr Wb

 

Hello all, it's me again, the newbie who wants to know everything with whatever equipment is at hand :D

OK, in this thread I will explain how to install and configure VSFTPD.

First, let me share the little I know about VSFTPD.

What is vsftpd?

Vsftpd is one of the applications for running an FTP server. (Simple, right?) :D

What is it for?

Suppose a web user wants to upload their website files, which are large; the user is hardly going to travel to where the server is, right?

This is where VSFTPD steps in to make it easy for the user to send their files; the user just uses FileZilla as the application on the client :D

OK, now let's start installing VSFTPD:

Installing vsftpd on Backtrack:

apt-get install vsftpd

 

Starting the vsftpd service:

service vsftpd start

Creating the ftp-users group:

groupadd ftp-users

Changing the group ownership:

chown root:ftp-users /home/

Add a user and password:

useradd -g ftp-users -d /home/ jegrex (this means: we create a new user named jegrex in the ftp-users group, with /home/ as its directory)

passwd jegrex (choose your own password)

 

After installing and then creating the ftp-users group and the user, we will test with FileZilla on the client by sending a file.

On the client side we set it up like this:

[Screenshot: set ftp]

The FTP IP address we set differs from machine to machine; here I happen to be using VMware as the virtual server.

After setting up the FTP client, we try to connect and transfer a file to test whether this vsftpd setup works.

Here, because my configuration is still the default, the transfer fails:

[Screenshot: failed]

How to configure vsftpd:

Now that vsftpd is installed, follow this procedure to configure it. These steps are standard for all Linux variants.

Before we start, stop vsftpd first with the command:

service vsftpd stop

Edit vsftpd.conf:

gedit /etc/vsftpd.conf

Here is my vsftpd.conf; please compare it with yours:

# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd’s
# capabilities.
#
#
# Run standalone?  vsftpd can run either from an inetd or as a standalone
# daemon started from an initscript.
listen=YES
#
# Run standalone with IPv6?
# Like the listen parameter, except vsftpd will listen on an IPv6 socket
# instead of an IPv4 one. This parameter and the listen parameter are mutually
# exclusive.
#listen_ipv6=YES
#
# Allow anonymous FTP? (Disabled by default)
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd’s)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
#
# Activate directory messages – messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# If enabled, vsftpd will display directory listings with the time
# in  your  local  time  zone.  The default is to display GMT. The
# times returned by the MDTM FTP command are also affected by this
# option.
use_localtime=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=NO
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using “root” for uploaded files is not
# recommended!
# chown_uploads=YES
# chown_username=daemon
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command “SIZE /big/file” in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may restrict local users to their home directories.  See the FAQ for
# the possible risks in this before using chroot_local_user or
# chroot_list_enable below.
chroot_local_user=YES
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the “-R” option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as “ncftp” and “mirror” assume
# the presence of the “-R” option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
#
# Debian customization
#
# Some of vsftpd’s settings don’t fit the Debian filesystem layout by
# default.  These settings are more Debian-friendly.
#
# This option should be the name of a directory which is empty.  Also, the
# directory should not be writable by the ftp user. This directory is used
# as a secure chroot() jail at times vsftpd does not require filesystem
# access.
secure_chroot_dir=/var/run/vsftpd/empty
#
# This string is the name of the PAM service vsftpd will use.
pam_service_name=vsftpd
#
# This option specifies the location of the RSA certificate to use for SSL
# encrypted connections.
rsa_cert_file=/etc/ssl/private/vsftpd.pem

To let this user read and send files in the server directory, we have to change its permissions like this:

cd /home/

ls -l

chown -R  /home/solo/

chmod 775 /home/solo/

Create the userlist file and add the user:

gedit /etc/vsftpd.userlist

and add the user:

tatoka

Save the file and open the vsftpd.conf file again:

gedit /etc/vsftpd.conf

Add the following at the end of the file and save:

# the list of users to give access
userlist_file=/etc/vsftpd.userlist

# this list is on
userlist_enable=YES

# It is not a list of users to deny ftp access
userlist_deny=NO

After completing the procedure we will run into a small permission error, something like 500 OOPS, and to fix this permission problem we have to set up the nologin shell.

Here are the steps:

gedit /etc/shells

The file looks like this:

/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/dash
/bin/bash
/bin/rbash

Add the following line at the end:

/usr/sbin/nologin

Create the user group and add ftpuser:

addgroup ftpusers
usermod -Gftpusers ftpuser

Start vsftpd:

service vsftpd start

That’s it. Now you have a secure installation of vsftpd on your server.
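
An added example (not part of the original post): a small Python audit of the vsftpd.conf shown above, listing the settings a reviewer would question before calling the setup secure. The option names are vsftpd's own and the embedded config is the set of active lines from this post; the function names and finding identifiers are made up for this example.

```python
# Active (uncommented) options from the vsftpd.conf in this post, including
# the three userlist_* lines appended at the end.
PAGE_CONF = """\
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=NO
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem
userlist_file=/etc/vsftpd.userlist
userlist_enable=YES
userlist_deny=NO
"""


def parse_conf(text):
    """Return {option: value}. vsftpd.conf uses option=value with no spaces."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key] = value
    return conf


def is_yes(conf, key):
    """True only when the option is present in the file and set to YES."""
    return conf.get(key, "").upper() == "YES"


def audit(conf):
    """Return (id, message) findings based on what the file explicitly sets."""
    findings = []
    if is_yes(conf, "local_enable") and not is_yes(conf, "ssl_enable"):
        findings.append(("cleartext-login",
                         "local logins are allowed but ssl_enable is not YES, "
                         "so passwords and files cross the network unencrypted"))
    anon_write = [k for k in ("anon_upload_enable", "anon_mkdir_write_enable")
                  if is_yes(conf, k)]
    if anon_write:
        state = "active" if is_yes(conf, "anonymous_enable") else "dormant"
        findings.append((f"anon-write-{state}",
                         ", ".join(anon_write) + " set to YES; they take effect "
                         "as soon as anonymous_enable and write_enable are YES"))
    if is_yes(conf, "userlist_enable") and conf.get("userlist_deny", "").upper() != "NO":
        findings.append(("userlist-denies",
                         "userlist_enable without userlist_deny=NO makes "
                         "userlist_file a deny list, not an allow list"))
    if not is_yes(conf, "xferlog_enable"):
        findings.append(("no-transfer-log", "xferlog_enable is not YES"))
    return findings


if __name__ == "__main__":
    for ident, message in audit(parse_conf(PAGE_CONF)):
        print(f"{ident}: {message}")
```

Run against the config from this post it reports the cleartext login (rsa_cert_file is set, but nothing turns TLS on) and the two anonymous write options that stay dormant only while anonymous_enable remains NO.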
