server config, <VirtualHost>, <Global>
1.2.8rc1 and later
The AuthOrder directive configures the names of auth modules, and the order in which they will be checked when authenticating a user.
At least one module name must be given; there is no maximum number of modules that can be listed. The listed module names must the full name of the source file, e.g. "mod_auth_unix.c". To see a full list of module names, use "proftpd -l". Do not use "mod_auth.c", as that module is the authentication front end module, and is necessary.
You can make an auth module be "authoritative" by appending an asterisk (*) after the module name. Usually this is done for the "mod_auth_pam.c" module, to ensure that the login fails if the PAM check fails.
# Use only AuthUserFiles when authenticating, and not the system's /etc/passwd AuthOrder mod_auth_file.c
# If the user's information is not in LDAP, they're not a user to use # this server. AuthOrder mod_ldap.c
# Use SQL tables first, then LDAP, for authentication AuthOrder mod_sql.c mod_ldap.c
# Use the normal system /etc/passwd and PAM, but make sure that PAM is # authoritative about accepting or rejecting the login AuthOrder mod_auth_pam.c* mod_auth_unix.c