[Samba] pptp/pppd 2.4.3 ntlm auth acts different to your
example/update partly solved
Robert Schetterer
robert at schetterer.org
Tue Jan 4 15:23:49 GMT 2005
Hi @ll,
the problem is partly solved
ntlm auth from squid and samba
have the same name
but different paths on suse 9.2
linux:~ # locate ntlm_auth
/usr/bin/ntlm_auth (samba)
/usr/sbin/ntlm_auth (squid)
so they act different
/usr/bin/ntlm_auth --username=example --domain=EXAMPLE
shows up the desired results as described by Andrew
Regards
Robert Schetterer schrieb:
> Hi Andrew i studied
> http://hawkerc.net/staff/abartlet/comp3700/final-report.pdf
> and did
> linux:~ # wbinfo -p
> Ping to winbindd succeeded on fd 4
> linux:~ # wbinfo -t
> checking the trust secret via RPC calls succeeded
> ( joining the domain itself worked as you described , but after
> building a machine account
>
> net rpc join -S localhost)
>
> next lines
> would be ( taken from your report )
> ntlm_auth --username=example --domain=EXAMPLE
> but this is what i get
>
> ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...]
> -b enables load-balancing among controllers
> -f enables failover among controllers (DEPRECATED and always active)
> -l changes behavior on domain controller failyures to last-ditch.
> -d enables debugging statements if DEBUG was defined at build-time.
>
> You MUST specify at least one Domain Controller.
> You can use either \ or / as separator between the domain name
> and the controller name
> ntlm_auth: invalid option -- O
> unknown option: -?. Exiting
> ntlm_auth usage:
> ntlm_auth [-b] [-f] [-d] [-l] domain\controller [domain\controller ...]
> -b enables load-balancing among controllers
> -f enables failover among controllers (DEPRECATED and always active)
> -l changes behavior on domain controller failyures to last-ditch.
> -d enables debugging statements if DEBUG was defined at build-time.
>
> You MUST specify at least one Domain Controller.
> You can use either \ or / as separator between the domain name
> and the controller name
>
> (i double checked the pptpd logs and winbind logs
> it seems clear that winbind is never asked by the plugin)
>
> myppp.options
> plugin winbind.so
> ntlm_auth-helper "/usr/sbin/ntlm_auth --helper-protocol=ntlm-server-1"
>
> /usr/sbin/ntlm_auth is taken out of squid helpers
>
> its not a failure from general pptpd/pppd cause it works like charme
> with chap only
>
> Any idea?
> Best Regards
>
> Andrew Bartlett schrieb:
>
>> On Tue, 2005-01-04 at 10:07 +0100, Robert Schetterer wrote:
>>
>>
>>> Hi Andrew,
>>> thx for this info so i have to do more study,
>>> its clear to me that and how to join a samba pdc, but
>>> is it possible to join the pdc/smb domain on the same pdc machine?
>>>
>>
>>
>> Quite possible. Standard practice.
>>
>> net rpc join -S localhost
>>
>> Andrew Bartlett
>>
>>
>>
More information about the samba
mailing list