I had a requirement to restrict who could log into an FTP server, to automatically create their home directory – but in a different directory that's set in LDAP – with the correct permissions, and then to chroot them into it. ProFTPd with mod_ldap happened to be the answer, although it took a little bit of fiddling to get the right settings, as below:
LDAPServer ldap.example.com
LDAPDoAuth on "ou=people,dc=example,dc=com" "(&(uid=%v)(objectclass=posixAccount))"
LDAPDoUIDLookups on "ou=people,dc=example,dc=com"
CreateHome on 755
LDAPGenerateHomedir on
LDAPGenerateHomedirPrefix /path/to/base/dir
LDAPForceGeneratedHomedir on
RequireValidShell no
DefaultRoot ~
You can easily set this to autogenerate the home directory from the homeDirectory attribute in LDAP by removing the LDAPGenerateHomedirPrefix and LDAPForceGeneratedHomedir lines. See the docs for more details on the directives.
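As an added illustration (not part of the original post and not ProFTPD's own code), the Python below parses the directives above and works out which directory a user ends up jailed in, plus a few settings that would weaken that jail. The precedence it models for the homedir directives follows the description in this post and is an assumption about mod_ldap's behaviour; the function names are hypothetical.

```python
import posixpath
import shlex

# Constructed copy of the directives from the post (placeholder host and paths).
CONF = '''
LDAPServer ldap.example.com
LDAPDoAuth on "ou=people,dc=example,dc=com" "(&(uid=%v)(objectclass=posixAccount))"
LDAPDoUIDLookups on "ou=people,dc=example,dc=com"
CreateHome on 755
LDAPGenerateHomedir on
LDAPGenerateHomedirPrefix /path/to/base/dir
LDAPForceGeneratedHomedir on
RequireValidShell no
DefaultRoot ~
'''

def parse(conf):
    """Map each directive name (lower-cased) to its list of arguments."""
    out = {}
    for line in conf.splitlines():
        parts = shlex.split(line, comments=True)
        if parts:
            out[parts[0].lower()] = parts[1:]
    return out

def is_on(d, name):
    return d.get(name.lower(), ["off"])[0].lower() == "on"

def effective_home(d, uid, ldap_home=None):
    """Home directory for the session; with DefaultRoot ~ it is also the jail root."""
    generate = is_on(d, "LDAPGenerateHomedir") and "ldapgeneratehomedirprefix" in d
    # Assumed precedence: a forced generated path wins over the LDAP attribute.
    if generate and (is_on(d, "LDAPForceGeneratedHomedir") or not ldap_home):
        return posixpath.join(d["ldapgeneratehomedirprefix"][0], uid)
    return ldap_home

def findings(d):
    """Flag settings that weaken the jail described in the post."""
    notes = []
    if d.get("defaultroot", [""])[0] != "~":
        notes.append("DefaultRoot is not ~: users are not chrooted to their home")
    if not is_on(d, "LDAPForceGeneratedHomedir"):
        notes.append("jail root comes from the LDAP homeDirectory attribute")
    create = d.get("createhome", ["off"])
    if create[0].lower() == "on" and len(create) > 1 and int(create[1], 8) & 0o002:
        notes.append("CreateHome mode is world-writable")
    return notes
```

With the force line removed, whoever can write the homeDirectory attribute in the directory decides where each user is chrooted, which is why `findings` reports it.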