RE: [Samba] ntlm_auth from pppd help
SOLVED! Follow-up: Andrew Bartlett wrote: > On Mon, 2005-11-28 at 06:27 -0500, Brian Hoover wrote: >> Andrew Bartlett wrote: >> I could not find the patch you speek of, but I am using the same daemon I used in a PPTP config that works. >>> >>> Oh, and that uses winbind auth? >> >> I'm using a version obtained from PopTop and yes it works with >> windbind auth. >> >>> >>> Is the l2tp in a chroot or similar? >> >> Not yet, still trying to get a simple set-up working. > > All I can suggest is to chase it down from the l2tp and pppd side > with strace. > > Andrew Bartlett This was a misconfigured l2tpd. The statement 'require-mschap' was left in from an earlier test. Thanks for the suggestions, Brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ntlm_auth from pppd help
On Mon, 2005-11-28 at 06:27 -0500, Brian Hoover wrote: > Andrew Bartlett wrote: > > >> I could not find the patch you speek of, but I am using the same > >> daemon I used in a PPTP config that works. > > > > Oh, and that uses winbind auth? > > I'm using a version obtained from PopTop and yes it works with windbind > auth. > > > > > Is the l2tp in a chroot or similar? > > Not yet, still trying to get a simple set-up working. All I can suggest is to chase it down from the l2tp and pppd side with strace. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ntlm_auth from pppd help
Andrew Bartlett wrote: >> I could not find the patch you speek of, but I am using the same >> daemon I used in a PPTP config that works. > > Oh, and that uses winbind auth? I'm using a version obtained from PopTop and yes it works with windbind auth. > > Is the l2tp in a chroot or similar? Not yet, still trying to get a simple set-up working. > > Andrew Bartlett Brian Hoover -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ntlm_auth from pppd help
On Sat, 2005-11-26 at 06:57 -0500, Brian Hoover wrote: > Thanks for responding. > > Andrew Bartlett wrote: > > On Wed, 2005-11-23 at 09:42 -0500, Brian Hoover wrote: > >> Hello all, > >> > >> I am working on a VPN solution using FC3-2.6.12-1.1381 - openswan > >> 2.4.4-1 - l2tpd 0.69-13 - pppd 2.4.3-5 - samba 3.0.10-1. > >> > >> When attempting a connection from an XP-SP2 box pppd dies without > >> authenticating the user (see below). > >> I have run ntlm_auth from the command line with success. > >> > >> What tools can I use to identify the failure? > > > > Perhaps pipe the ntlm_auth invokation via 'tee' and see what is being > > written to ntlm_auth? > > > > Also try an strace. > > I'll try these when I get back to the lab. > > > Are you running the patched pppd, due to my snarfu with base64 > > encoding? > > I could not find the patch you speek of, but I am using the same > daemon I used in a PPTP config that works. Oh, and that uses winbind auth? Is the l2tp in a chroot or similar? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ntlm_auth from pppd help
Thanks for responding. Andrew Bartlett wrote: > On Wed, 2005-11-23 at 09:42 -0500, Brian Hoover wrote: >> Hello all, >> >> I am working on a VPN solution using FC3-2.6.12-1.1381 - openswan >> 2.4.4-1 - l2tpd 0.69-13 - pppd 2.4.3-5 - samba 3.0.10-1. >> >> When attempting a connection from an XP-SP2 box pppd dies without >> authenticating the user (see below). >> I have run ntlm_auth from the command line with success. >> >> What tools can I use to identify the failure? > > Perhaps pipe the ntlm_auth invokation via 'tee' and see what is being > written to ntlm_auth? > > Also try an strace. I'll try these when I get back to the lab. > Are you running the patched pppd, due to my snarfu with base64 > encoding? I could not find the patch you speek of, but I am using the same daemon I used in a PPTP config that works. Thanks again, Brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ntlm_auth from pppd help
On Wed, 2005-11-23 at 09:42 -0500, Brian Hoover wrote: > Hello all, > > I am working on a VPN solution using FC3-2.6.12-1.1381 - openswan > 2.4.4-1 - l2tpd 0.69-13 - pppd 2.4.3-5 - samba 3.0.10-1. > > When attempting a connection from an XP-SP2 box pppd dies without > authenticating the user (see below). > I have run ntlm_auth from the command line with success. > > What tools can I use to identify the failure? Perhaps pipe the ntlm_auth invokation via 'tee' and see what is being written to ntlm_auth? Also try an strace. Are you running the patched pppd, due to my snarfu with base64 encoding? (Patch on the poptop page). Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ntlm_auth from pppd help
I have the same problem. My setup is same except my server is FC1 with kernel 2.4.32 and samba 3.0.21rc1. See "Unified logons with winbind and tdbsam backend": http://lists.samba.org/archive/samba/2005-November/113583.html I didn't get any responses to my message which I sent couple times here. I can't say for sure is this a samba bug or a configuration issue. Ppp-debug option gives following error messages: utils/ntlm_auth.c:manage_squid_request(1592) fgets() failed! dying. errno=1 (Operation not permitted) Peer DOMAIN\\user failed CHAP authentication Juha Pietikäinen Hello all, I am working on a VPN solution using FC3-2.6.12-1.1381 - openswan 2.4.4-1 - l2tpd 0.69-13 - pppd 2.4.3-5 - samba 3.0.10-1. When attempting a connection from an XP-SP2 box pppd dies without authenticating the user (see below). I have run ntlm_auth from the command line with success. What tools can I use to identify the failure? Is there an obvious error in the ppp options file? Thanks, Brian Hoover messages: Nov 23 09:15:51 fw03 pppd[4862]: Plugin winbind.so loaded. Nov 23 09:15:51 fw03 pppd[4862]: WINBIND plugin initialized. Nov 23 09:15:51 fw03 pppd[4862]: pppd 2.4.3 started by root, uid 0 Nov 23 09:15:51 fw03 pppd[4862]: Using interface ppp0 Nov 23 09:15:51 fw03 pppd[4862]: Connect: ppp0 <--> /dev/pts/2 Nov 23 09:15:53 fw03 pppd[4862]: Peer VIDAR\\bch failed CHAP authentication Nov 23 09:15:53 fw03 pppd[4862]: Connection terminated. Nov 23 09:15:54 fw03 pppd[4862]: Exit. The ppp options file: noauth name l2tpd refuse-pap refuse-mschap require-mschap-v2 defaultroute ms-dns 192.168.0.19 ms-dns 192.168.0.49 ms-wins 192.168.0.19 ms-wins 192.168.0.49 proxyarp debug lock nobsdcomp nologfd plugin winbind.so ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ntlm_auth from pppd help
Hello all, I am working on a VPN solution using FC3-2.6.12-1.1381 - openswan 2.4.4-1 - l2tpd 0.69-13 - pppd 2.4.3-5 - samba 3.0.10-1. When attempting a connection from an XP-SP2 box pppd dies without authenticating the user (see below). I have run ntlm_auth from the command line with success. What tools can I use to identify the failure? Is there an obvious error in the ppp options file? Thanks, Brian Hoover messages: Nov 23 09:15:51 fw03 pppd[4862]: Plugin winbind.so loaded. Nov 23 09:15:51 fw03 pppd[4862]: WINBIND plugin initialized. Nov 23 09:15:51 fw03 pppd[4862]: pppd 2.4.3 started by root, uid 0 Nov 23 09:15:51 fw03 pppd[4862]: Using interface ppp0 Nov 23 09:15:51 fw03 pppd[4862]: Connect: ppp0 <--> /dev/pts/2 Nov 23 09:15:53 fw03 pppd[4862]: Peer VIDAR\\bch failed CHAP authentication Nov 23 09:15:53 fw03 pppd[4862]: Connection terminated. Nov 23 09:15:54 fw03 pppd[4862]: Exit. The ppp options file: noauth name l2tpd refuse-pap refuse-mschap require-mschap-v2 defaultroute ms-dns 192.168.0.19 ms-dns 192.168.0.49 ms-wins 192.168.0.19 ms-wins 192.168.0.49 proxyarp debug lock nobsdcomp nologfd plugin winbind.so ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba