[Samba] PPP + ntlm_auth

Sebastien sebleclerc at globetrotter.net
Tue Nov 28 21:57:52 GMT 2006


I'm trying to authenticate PPP (in fact l2tp...) users with Active 
Directory (windows server 2003 DCs, mixed-mode domain) using winbind / 
ntlm_auth.  I'm using Samba 3.0.22, PPP 2.4.3, Kerberos 1.3.6, with 
Trustix 2.2

What works :
- krb5kinit (and krb5klist -e)
- net ads join
- wbinfo -u, wbinfo -g, wbinfo -a user%pwd, wbinfo -p, wbinfo -t and 
wbinfo -m
- getent passwd and getent group
- ntlm_auth --username=user --domain=domain.x.y
- ntlm_auth --username=user --domain=domain.x.y --request-lm-key
- ntlm_auth --username=user --domain=domain.x.y --request-nt-key
- authentication through ppp (mschap-v2 with chap-secrets)

What is not working :
- ntlm_auth --username=user --domain=domain.x.y --diagnostics (and every 
  other variation...)
- authentication through ppp (mschap-v2 with winbind plugin)

I verified the paths to ntlm_auth in the options.l2tpd file, and it's 
ok.  In the logs, it only says that the host failed CHAP authentication.
The error code for ntlm_auth is 6A (wrong password)

Anyone has an idea?
Thanks in advance!


More information about the samba mailing list