Skip to content

Kerberos, Active Directory and ftp

It is not surprising that more and more users looks for Active Directory as the way to unify and to simplify the way to authenticate/authorize users and to save some money too.
After all Active Directory and Windows are almost in every office on this planet. Not to mention that if you work in a heavily audited environment the ability to have a single store of users definitions is really a blessing!

For about the last two months now, I am trying to get ftp working for AIX users authenticated with Kerberos services provided by Active Directory (2012).
I am not doing it alone, I have an open PMR and after numerous iptraces, snaps, and so forth my KERBEROS authenticated users still cannot use ftp…. and this sucks!
The locally (admin accounts) defined users can but the “flash & bone” users, the ones “living” in Active Directory cannot.

Is there someone out there who got this working and who is willing to share his/her knowledge, please?


Posted in Real life AIX.

Tagged with .

2 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

  1. Sebastian says

    Hi Mark
    I think this is not the first suggestion to ditch ftp and use sftp/scp instead. Who would use ftp in times like these anyway? If you can’t do this… maybe a vsftp ( might do what the standard aix ftp can’t.

    Cheers Sebastian

  2. MarkD:-) says


    if this was up to me there would be no ftp period. But unfortunately it is up the users and they insist on using, and since business “continuity” demands it ……

    All the best!


Some HTML is OK

or, reply to this post via trackback.

WordPress Anti Spam by WP-SpamShield

Copyright © 2016 - 2018 Waldemar Mark Duszyk. All Rights Reserved. Created by Blog Copyright.