I should probably add some clarifications here. First, since we have over
200 users, we would like to not have to add the users anywhere. It seems
like the tweak would have to take place in PAM.
What we'd really like to do is find a friendly way where PAM can be
configured to maybe try both (username, domain+username).
Again, any help would be greatly appreciated.
Tom
> -----Original Message-----
> From: Deryk Robosson [mailto:deryk@0x0a.com]
> Sent: Wednesday, May 28, 2003 1:01 PM
> To: hallewellt@rfa.org
> Subject: Re: [Samba] Passing domain name to PPP
>
>
> On Thu, 29 May 2003 12:23 am, Tom Hallewell wrote:
> > Hi-
> > Our PPP RAS server is running Samba 2.2.8a and winbind. We want to
> > authenticate dialup users through the PDC (Win NT 4 SP6). However, in
> > order to do so, the dommainname needs to be prepended to the
> username, ie,
> > DOMAIN+USERNAME.
> > We don't want to have to teach all our dialup users to add the
> domainname
> > when they login to RAS, so we are looking for a way to script this.
> > Has anyone tweaked PPP/CHAP to automatically prepend the domain to the
> > username?
> > Thanks for any help,
> > Tom
>
> I've got some l2tp/ipsec roadwarriors that login using just that
> method to a
> server. It's already supplied by the client (win2k/xp) if the client
is
> setup to login to the domain for that connection. This also
> works with pptp
> as well. Depending on your authentication method, you'd add the users
as
> WORKGROUP\\username * secret * to either chap-secrets or pap-secrets.
>
> --
> Regards,
> Deryk Robosson
>
> Robosson Business Services
> 22 Flemington Street
> Albany, WA 6330
> ABN: 56 728 377 499
> Phone: +61 4 0842 9835 Email: deryk@0x0a.com
>