Hi, I am searching for information on how to set up an NT4 RAS server to authenticate users against a Samba 3 PDC. Right now we have 2 domain controllers and the plan is to phase them out. We want to set up samba as the PDC, but we need RAS to work for the time being. Is there a way to do this? We are going to use the LDAP backend for samba. Is it also possible to have our NT4 BDC stay up, as a BDC to our Samba 3 PDC, for the time being? thanks! Aaron
On Tue, 2004-10-12 at 00:56, Aaron Rosenblum wrote:> Hi, > > I am searching for information on how to set up an NT4 RAS server to > authenticate users against a Samba 3 PDC. Right now we have 2 domain > controllers and the plan is to phase them out. We want to set up samba > as the PDC, but we need RAS to work for the time being. Is there a way > to do this?Have you tried this? Does it fail? Particularly with the LDAP backend (or tdbsam) and setting the properties in usrmgr, it should work... Andrew Bartlett -- Andrew Bartlett abartlet@samba.org Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20041012/037f6544/attachment.bin
Andrew Bartlett schrieb:> On Tue, 2004-10-12 at 00:56, Aaron Rosenblum wrote: > >>Hi, >> >>I am searching for information on how to set up an NT4 RAS server to >>authenticate users against a Samba 3 PDC. Right now we have 2 domain >>controllers and the plan is to phase them out. We want to set up samba >>as the PDC, but we need RAS to work for the time being. Is there a way >>to do this? > > > Have you tried this? Does it fail? Particularly with the LDAP backend > (or tdbsam) and setting the properties in usrmgr, it should work... > > Andrew Bartlett > >why not using pptpd as dial in , for me this works very cool but you need a patched version for auth to smb or ldap Regards
On Tue, 2004-10-12 at 08:33, rruegner wrote:> Andrew Bartlett schrieb: > > On Tue, 2004-10-12 at 00:56, Aaron Rosenblum wrote: > > > >>Hi, > >> > >>I am searching for information on how to set up an NT4 RAS server to > >>authenticate users against a Samba 3 PDC. Right now we have 2 domain > >>controllers and the plan is to phase them out. We want to set up samba > >>as the PDC, but we need RAS to work for the time being. Is there a way > >>to do this? > > > > > > Have you tried this? Does it fail? Particularly with the LDAP backend > > (or tdbsam) and setting the properties in usrmgr, it should work... > > > > Andrew Bartlett > > > > > why not using pptpd as dial in , for me this works very cool > but you need a patched version for auth to smb or ldapWell, many sites try not to change everything at once :-). But as we are talking about this, the patches in lorikeet now support plaintext (not just MSCHAP) authentication to an NT (or Samba or Win2k) domain. http://download.samba.org/ftp/unpacked/lorikeet/trunk/pppd/ Andrew Bartlett -- Andrew Bartlett abartlet@samba.org Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20041012/8c4493a5/attachment.bin
Hello Aaron, Monday, October 11, 2004, 6:56:10 PM, you wrote: AR> Hi, AR> I am searching for information on how to set up an NT4 RAS server to AR> authenticate users against a Samba 3 PDC. Right now we have 2 domain AR> controllers and the plan is to phase them out. We want to set up samba AR> as the PDC, but we need RAS to work for the time being. Is there a way AR> to do this? We are going to use the LDAP backend for samba. Is it AR> also possible to have our NT4 BDC stay up, as a BDC to our Samba 3 PDC, AR> for the time being? AR> thanks! AR> Aaron For Dial-in i use mgetty+pppd(2.4.2)+pppd_ldap plugin if u are goin to use LDAP backend, pppd_ldap plugin it'is your choice This plugin can be easily adopted to authenticate users against a Samba 3 PDC, but for now i don't know what this means sambaMungeDial:bQA6ACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABkAAkAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAA -- Best regards, ds_shadof ds_shadof@-@-@uni-altai.ru
Andrew Bartlett schrieb:> On Tue, 2004-10-12 at 08:33, rruegner wrote: > >>Andrew Bartlett schrieb: >> >>>On Tue, 2004-10-12 at 00:56, Aaron Rosenblum wrote: >>> >>> >>>>Hi, >>>> >>>>I am searching for information on how to set up an NT4 RAS server to >>>>authenticate users against a Samba 3 PDC. Right now we have 2 domain >>>>controllers and the plan is to phase them out. We want to set up samba >>>>as the PDC, but we need RAS to work for the time being. Is there a way >>>>to do this? >>> >>> >>>Have you tried this? Does it fail? Particularly with the LDAP backend >>>(or tdbsam) and setting the properties in usrmgr, it should work... >>> >>>Andrew Bartlett >>> >>> >> >>why not using pptpd as dial in , for me this works very cool >>but you need a patched version for auth to smb or ldap > > > Well, many sites try not to change everything at once :-). > > But as we are talking about this, the patches in lorikeet now support > plaintext (not just MSCHAP) authentication to an NT (or Samba or Win2k) > domain. > > http://download.samba.org/ftp/unpacked/lorikeet/trunk/pppd/ > > Andrew Bartlett >Thx Andrew , i will have a look on it Regards Robert
Hi, I installed UsrMgr.exe (downloaded from the MS support site) on an XP client, joined the client to the domain hosted by the Samba 3 PDC, then opened UsrMgr.exe. The NT tools saw the domain and listed the users and groups, but when I clicked on a user or group and hit "properties", the UsrMgr.exe crashed. Am I missing something obvious like "you cant run this tool on a newer OS than NT 4"? Or "you have to run it on a server version of the OS", or should this work? thanks Aaron On Oct 11, 2004, at 5:36 PM, Andrew Bartlett wrote:> On Tue, 2004-10-12 at 00:56, Aaron Rosenblum wrote: >> Hi, >> >> I am searching for information on how to set up an NT4 RAS server to >> authenticate users against a Samba 3 PDC. Right now we have 2 domain >> controllers and the plan is to phase them out. We want to set up >> samba >> as the PDC, but we need RAS to work for the time being. Is there a >> way >> to do this? > > Have you tried this? Does it fail? Particularly with the LDAP backend > (or tdbsam) and setting the properties in usrmgr, it should work... > > Andrew Bartlett > > -- > Andrew Bartlett abartlet@samba.org > Authentication Developer, Samba Team http://samba.org > Student Network Administrator, Hawker College abartlet@hawkerc.net