[KLUG Members] Radius, Winblows, and VPN

[Adam Tauno WIlliams]

On Fri, 2004-08-20 at 12:19, Rusty Yonkers wrote:
> Has anyone ever setup Radius to talk to a Winblows server for
> authentication for a VPN connection?  I am using PPTP currently.  I
> am trying to find some basic instructions to start me in the correct
> direction.

Andrew Bartlett (of Samba fame) has a modified PPP that supports all
kinds of Windows-ish stuff;  it is part of the lorikeet research
project.  Note that I haven't had the chance yet to play with this
stuff;  or even update my web page.

Quoted message
-----------------------------
Given your wish to be done with the PPP/LDAP patch, and my wish for
world domaination perhaps you could point your users at my 'lorikeet'
patch for pppd.

This patch enables pppd to use Samba's winbind as the authentication
backend.  Winbind can then talk to an NT domain, or more usefully, a
Samba DC (even on same machine).

This provides a separation of concerns from a security point of view,
but more importantly allows Samba to back onto anything, including LDAP.

This is documented at http://hawkerc.net/staff/abartlet/comp3700

and the patch (for the current pppd CVS) is in the 'lorikeet' subversion
repository on Samba.org. =20

Websvn reference:
http://websvn.samba.org/listing.php?rep=3D1&path=3D/trunk/pppd/&rev=3D0&sc=3D1
Unpacked:
http://samba.org/ftp/unpacked/lorikeet/trunk/pppd/

Now I have a little time, I'll also try to get the patch into the main
distribution.

Andrew Bartlett
-----------------------------------------------------------------