[Samba] sambaMungedDial attribute and VPN connections.

[Matías Teplitzky]

Hi everyone,

I have a VPN server on a Windows NT which recieves external
connections from Windows XP users (they use the default VPN client
included in XP), who are then authenticated against a Samba server
acting as a PDC with LDAP (this is on  Debian Lenny). The problem is
that some users fail to connect to the VPN. They get the following
errors:

Error 734: The PPP Link Control Protocol Was Terminated
Error 649: the account does not have permission to dial in


I figured out that by modifying the sambaMungedDial attribute, then
users can connect to the VPN just fine. I do that with the following
script:

#!/bin/sh

ldapmodify -x -D cn=admin,dc=something,dc=com -w admi-nito << EOF
dn: uid=$1,ou=people,dc=something,dc=com
changetype: modify
replace: sambaMungedDial
sambaMungedDial:
bQA6ACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABkAAkAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAg$
EOF

I run that script as follows:

fix-dial-user.sh joe_user

The point is that doing this for several users, everytime in a while,
is less than an optimal solution. I'd like to find a way so that I
won't have to do this anymore. I did some googling about the
sambaMungedDial attribute, but the information I've found about it,
was rather scarce. So I wonder if you could tell me which and what
kind of data this attribute stores. Needless to say that any other tip
or idea to solve this will be greatly appreciated.


Thanks in advance!.

Cheers.


PS: As you might guess, English is not my native language.  ;-)