[Samba] AD needed for ntlm_auth?

Robert Schetterer robert at schetterer.org
Thu Apr 14 09:45:07 GMT 2005

Ramses van Pinxteren schrieb:

> Hello,
> i want to have my poptop VPN server authenticate against my samba/LDAP 
> server. Everywhere I read that for doing that I need ntlm_auth. 
> reading the manuals of Samba I concluded that NTLM_AUTH only works if 
> I have a M$ Active Directory server (read: a dedicated PC running 
> windows 2000/2003) This seems odd to me. Please tell me I am wrong and 
> I need to do my homework better.
> kind regards
> ramses

ntlm_auth works with a samba bdc using pppd 2.4.3 via winbind auth
i have this up and running with a few problems.....dont include the 
domain name on the client side
( the domain name is cutted somewhere by the code, allready in bugzilla 
pppd )
and using the name of the desired vpn-domain-group does not work for 
me...but if i include the group
sid it works quite well..( dont know why this is happening, equal things 
happen to squid using ntlm to a samba-pdc )..but this stuff may be 
running better using other distros ( mine is suse 9.2 )
Best Regards

More information about the samba mailing list