Saúl Sigala
2005-Jul-22 21:06 UTC
[Samba] Authenticate pptpd server on a domain controller
Hello. I have two servers: -One is a vpn server with pptpd. It has debian sarge 3.1, kernel(2.6.8), pptd(1.2.1-4), ppp(2.4.3-2) and Samba(3.0.14a-3). All the accounts to log on the vpn are on /etc/ppp/chap-secrets file. -The other is a pdc with samba(2.2.7) in red hat 8 I want the accounts in the first server (chap-secrets file) authenticate against the pdc server (/etc/samba/smbpasswd) on the second. I read that it is possible using winbind, kerberos and pam. I have been making some configurations but I haven't made yet it works. I want to know what is the best way and how to make. I have traied these two links.: 1- Replacing a Windows PPTP server with Linux HOWTO http://poptop.sourceforge.net/dox/replacing-windows-pptp-with-linux-howto.phtml 2- Chapter 23. Winbind: Use of Domain Accounts http://us2.samba.org/samba/docs/man/Samba3-HOWTO/winbind.html but the two show the same error when I try to join the pptpd server on the pdc. All the configurations were made in the pptpd server not on the pdc. -The fisrt one displays Proxy2:/etc/samba# net join -U root root's password: [2005/07/22 16:02:01, 0] utils/net_ads.c:ads_startup(191) ads_connect: Transport endpoint is not connected [2005/07/22 16:02:01, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed Creation of workstation account failed User specified does not have administrator privileges Unable to join domain DUCOR. -The second one displays Proxy2:/etc/samba# net rpc join -S servdb1 -U root [2005/07/22 16:03:35, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) cli_nt_setup_creds: request challenge failed Password: Creation of workstation account failed User specified does not have administrator privileges Unable to join domain DUCOR. I would thank if somebody can help me.
Ilia Chipitsine
2005-Jul-24 09:02 UTC
[Samba] Authenticate pptpd server on a domain controller
I'm running the following configuration: samba3/ldap --> freeradius --> mpd(freebsd pptp server) the key word here is radius (freeradius, for instance) it makes use of NT hashes which are already present in ldap. not sure that I can help with samba-2.2, but if You consider upgrading to 3.0, I can share config. Cheers, Ilia Chipitsine> Hello. > > I have two servers: > -One is a vpn server with pptpd. It has debian sarge 3.1, kernel(2.6.8), pptd(1.2.1-4), ppp(2.4.3-2) and Samba(3.0.14a-3). All the accounts to log on the vpn are on /etc/ppp/chap-secrets file. > > -The other is a pdc with samba(2.2.7) in red hat 8 > > I want the accounts in the first server (chap-secrets file) authenticate against the pdc server (/etc/samba/smbpasswd) on the second. > > I read that it is possible using winbind, kerberos and pam. I have been making some configurations but I haven't made yet it works. I want to know what is the best way and how to make. > > I have traied these two links.: > 1- Replacing a Windows PPTP server with Linux HOWTO http://poptop.sourceforge.net/dox/replacing-windows-pptp-with-linux-howto.phtml > > 2- Chapter 23. Winbind: Use of Domain Accounts http://us2.samba.org/samba/docs/man/Samba3-HOWTO/winbind.html > > but the two show the same error when I try to join the pptpd server on the pdc. All the configurations were made in the pptpd server not on the pdc. > > -The fisrt one displays > Proxy2:/etc/samba# net join -U root > root's password: > [2005/07/22 16:02:01, 0] utils/net_ads.c:ads_startup(191) > ads_connect: Transport endpoint is not connected > [2005/07/22 16:02:01, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) > cli_nt_setup_creds: request challenge failed > Creation of workstation account failed > User specified does not have administrator privileges > Unable to join domain DUCOR. > > -The second one displays > Proxy2:/etc/samba# net rpc join -S servdb1 -U root > [2005/07/22 16:03:35, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) > cli_nt_setup_creds: request challenge failed > Password: > Creation of workstation account failed > User specified does not have administrator privileges > Unable to join domain DUCOR. > > I would thank if somebody can help me. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba >