Topic: PPTP sme v5.1.2 and Windows 2000 server

[Chuck Wilson]

V 5.1.2 box acting as gateway for a Win 2K Active Directory Domain.

I would like to set up PPTP for a few road warriors with modems and ISP accounts as well as for a couple of executives that have broad band connections at home.  All client computers are Win 2K SP2

Setup seems straight forward for establishing the tunnel to the gateway.  What mechanism provides full authentication to the domain behind the gateway so that users can run domain login script (kix) for mapped drives etc......

Thanks in advance

Chuck

[Bruce Friedman]

PPTP uses account based authentication.  I don't believe there is a way (available now) for SME to authenticate through Active Directory on the W2K Server.

Winbind (part of current release of Samba) does allow for remote authentication of users to a NT primary domain controller, but I don't think this works for Active Directory.

As much as I hate to point you this way...Since you have the W2K Server, why would you not want to use the built in Routing and Remote Access Server (RRAS) which can handle the PPTP, or L2TP VPN for you?  Then you have standard access to dial-in rights for the users and groups you want to allow, as well as enabling appropriate dial-in hours.  What would SME be adding to your network in this case?

[Bill Talcott]

We have an NT4 PDC providing DHCP on our LAN, with an SME 5.0 providing only internet access and mail/web server. When I PPTP into the SME, I get a regular domain logon box as if I were right on the LAN. I'm not sure about the differences with Win2k AD, but it works fine with an NT4 domain. You use your SME login/password in the PPTP DUN connection, then the domain login/password when that box comes up after connecting.