[Samba] Authenticating PPTP users against Samba/LDAP

Andrew Bartlett abartlet at samba.org
Wed Oct 20 02:50:51 GMT 2004


On Wed, 2004-10-20 at 00:44, Mike Brodbelt wrote:
> Hi,
> 
> I have a few remote user who use a PPTP based VPN. The server is running
> PoPToP (http://www.poptop.org/), and a pppd patched to support MPPE/MPPC
> for (some) added security. Currently, users authentication information
> is stored in plaintext in /etc/ppp/chap-secrets. I'd like to be able to
> put users into LDAP, and have ppp authenticate either directly against
> LDAP, or against Samba (with an LDAP backend). Any ideas on how I might
> go about this? Most of the docs I've seen suggest that you can't use PAM
> for authentication with CHAP, so it seems not to be as simple as I might
> have hoped.
> 
> Disclaimer - I haven't actually tried any of this yet, I'm just trying
> to get it clear in my head before I start...

The pppd patch (one for 2.4.2, one for current CVS) is here:
http://download.samba.org/ftp/unpacked/lorikeet/trunk/pppd

The documentation is:
http://hawkerc.net/staff/abartlet/comp3700/final-report.pdf

Note that the patch changed a little since the report was written, use
the instructions in the README for configuration.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20041020/620d1965/attachment.bin


More information about the samba mailing list