Re: pptp
- From: Bjorge Solli <bjorge solli it uib no>
- To: Dan Williams <dcbw redhat com>
- Cc: networkmanager-list gnome org
- Subject: Re: pptp
- Date: Mon, 29 Sep 2008 15:25:37 +0200
Dan Williams wrote:
> On Thu, 2008-09-25 at 08:46 +0200, Bjorge Solli wrote:
>> *doh*
>>
>> It works if I don't use the domain field and set user domain in the user
>> field. I guess @domain is a part of the username in our setup.
>
> Can you try r4107 of the pptp plugin? I added code that, when a domain
> is given, sends username domain instead of just username.
Hm. After looking at this further, talking to our vpn-admin and playing
around with the XP VPN tool I think this is the wrong approach.
Our setup use the format:
username of type <user>@{staff,student}.uib.no
AD-domain is ignored.
<password>.
username is split into <user> and {staff,student}.uib.no and LDAP on
{staff,student}.uib.no is asked to verify the username <user> with the
password <password>.
The XP-VPN-client can be configured to ask for windows domain logon, but
(afaik) it is not sent in the form of username domain I am not sure but
I think it sends \\DOMAIN\username, but in the case at our place it then
should be \\STUDENT\student001 student uib no or
\\UIB\staff0018 staff uib no as this is our AD domains for students and
staff. But AD is not asked in our case, VPN talks directly to two
LDAP-servers, one for staff and the other for students. The @-notation
in the username is in other words a local hack to get this to work
without merging the user databases for staff and students.
In summary I think your change will benefit us, but only us, and it will
not work on any other setup.
I cannot check this as I have no Windows Server running a VPN server,
but maybe someone else can help you verify this?
sincerely,
Bjørge
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
