[Samba] PPP Dial in

Craig White craigwhite at azapple.com
Thu Feb 26 16:02:47 GMT 2004

On Thu, 2004-02-26 at 04:54, Andrew Bartlett wrote:
> On Thu, 2004-02-26 at 15:36, Craig White wrote:
> > In case this matters... RH AS 3 / samba 3.0.0-14-3E
> > 
> > Just switched dial in from Windows RAS server to Linux PPP server. I
> > can't seem to figure out a way to allow Windows users to log in with
> > Domain name
> > 
> > i.e. /etc/ppp/pap.secrets
> > client       server    password    ip address
> > DOMAIN\user    *       my_pass     111.222.333.444
> > "DOMAIN\user"  *       my_pass     111.222.333.444
> > DOMAIN\\user   *       my_pass     111.222.333.444
> What you really want is to use the domain passwords.  
Yeah - it sort of bothers me to have to have another set of passwords
here - would prefer them to be referred to normal pam login
> > No matter what, I can't log on - if I use the domain. This means that
> > the dial-in user can't access the domain without network
> > browsing...which I have simplified somewhat by creating a batch file
> > that simply does 'explorer.exe \\Server'  - but that sure isn't pretty.
> So they are logging in on PPP fine, they just can't browse?  The PPP
> level and the SMB/Browsing level are very different problems.
PPP login without domain works - since they are WinXP Prof and already
joined to domain, they can browse but connection to 'persistent' shares
will fail unless I force a network browse first. 

Dial up just sucks anyway, I hate having to work this through - it takes
so long on dial-up for a user to browse through directories, locate and
then open a file with Microsoft Work, it hardly seems worth it. In all
these years, I have managed to escape setting up dial-in access except
for a few situations where I hung a modem off Windows NT Domain
controllers and used RAS. Clearly, that is much easier.
> > As long as we're going for the long ball, is there any methodology to
> > support L2TP via Samba? What I want is full Windows RAS from Samba ;-)
> It's not impossible.  See my paper at
> http://hawkerc.net/staff/abartlet/comp3700 for information on using
> PoPToP in a similar situation, but pppoe would also work.  Anything that
> can talk PPP can use the MS domain passwords.  I need to extend the
> patch provided to also work with plaintext...
wow - you da man

I didn't want to go to that much work to accommodate a few low tech
users and I was thinking more like the L2TP than PPTP but looking at
this, it seems your solution may be simpler. I didn't realize that
Macintosh clients could use PPTP. I know that L2TP support has been
added to Panther.


More information about the samba mailing list