Tuesday 17 March 2009

Auto-mount of windows shares on Ubuntu login

Based on https://wiki.ubuntu.com/MountWindowsSharesPermanently and updated:

$ sudo apt-get install libpam-mount smbfs
$ echo "@include common-pammount" | sudo tee -a /etc/pam.d/gdm
$ echo "@include common-pammount" | sudo tee -a /etc/pam.d/login

fix up server= and mountpoint= below

$ sed -i -e '/<!-- Volume definitions -->/a<volume user="*" fstype="cifs" server="10.42.0.1" path="users/%(USER)" mountpoint="/home/%(USER)/ntfs" options="uid=%(USERUID),gid=%(USERGID),iocharset=utf8,fmask=0770,dmask=0770" />' /etc/security/pam_mount.conf.xml

Make sure unix password is same as windows password and unix username same as windows username unless we use ldap in nis, but thats another story…

Monday 9 March 2009

MS PPTP VPN server with linux

I've been tearing my hair out for the last 8 working hours trying to get my Ubuntu Hardy VPN helper to connect me to a Windows 2003 PPTP service.

A windows PC would connect fine, but my linux clients would all fail, generating this message in the Windows server Event log: "You do not have permission to connect using the selected authentication protocol."

I'd done what I could to make sure my RAS policies specified MSCHAP, MSCHAPv2 and had EAP disabled (I had no certs and was fed up of RAS failing for lack of them). My linux clients were also selected to use only MSCHAP and MSCHAPv2 - but still no joy!

The final missing tip was the last post at: http://www.eggheadcafe.com/forumarchives/Windows2000ras_routing/Jan2006/post25331080.asp
where it seemed that I had to make sure the RAS servers own authentication methods matched (or probably were a superset of) the authentication methods of the policy. Once that was fixed, it all worked fine.

While I was there I also set the correct adaptor for use by DHCP/DNS/WINS as I only have one active adaptor anyway!