[Samba] Re: Authenticating PPTP users against Samba/LDAP

[smurfie at egocentrique.com]

Maybe you should try with a radius server, connected to your ldap server. 
But even with Radius, no chap against encrypted samba passwords in the ldap 
backend .. i've spent a few weeks trying to get it work for 
wifi/802.1x/TTLS. Only found way was to have passwords stored as cleartext 
in the ldap, which i didn't want. Maybe there was another solution, i just 
couldn't spend so much time on it. 

BTW i'm very interested if you can have any solution to work, even if it's 
VPN related, cause i'll also have to do it in the few months =) 

Arnauld 

Mike Brodbelt writes: 

> Hi, 
> 
> I have a few remote user who use a PPTP based VPN. The server is running
> PoPToP (http://www.poptop.org/), and a pppd patched to support MPPE/MPPC
> for (some) added security. Currently, users authentication information
> is stored in plaintext in /etc/ppp/chap-secrets. I'd like to be able to
> put users into LDAP, and have ppp authenticate either directly against
> LDAP, or against Samba (with an LDAP backend). Any ideas on how I might
> go about this? Most of the docs I've seen suggest that you can't use PAM
> for authentication with CHAP, so it seems not to be as simple as I might
> have hoped. 
> 
> Disclaimer - I haven't actually tried any of this yet, I'm just trying
> to get it clear in my head before I start... 
> 
> Mike.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba