ftp fails for user with bin false user mapped mode
1 - Set allow-disabled-shell = true setting in the vas.conf file to allow the FTP users with /bin/false shell.
Running the following command will set the setting in the /etc/opt/quest/vas/vas.conf file:
/opt/quest/bin/vastool configure vas vas_auth allow-disabled-shell true
Here are the details about the allow-disabled-shell option in the vas.conf man page:
allow-disabled-shell = <true | false>
Default value: false
Controls whether or not "Unix Disabled" users (users whose shells are set to "/bin/false"), are allowed to access to a given host through services that do not execute a shell.
Having the shell set to /bin/false, of course, implies that login services that provide shells will NOT allow access to the host. Because of this, this option more directly deals with applications such as FTP that do not execute a shell, yet still provide some access to a host. This setting also affects access to OS X systems through the login window which doesn't check a user's unix shell before providing system access.
If allow-disabled-shell is set to true, applications like FTP (which do not provide shell access) WILL grant access to users even if they are have their shells set to "/bin/false". If allow-disabled-shell is set to false, no application will grant access to a user whose shell is set to "/bin/false". This includes applications that do not grant shell access such as FTP.
[vas_auth]
allow-disabled-shell = true
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center