The sudo method may not be your best choice. It depends on your system usage. The sudo method will cause kppp to use a global config file (root's). If you want the users to setup and use seperate connection settings and also prevent users from changing things that may cause problems for other users then you should not use sudo for kppp.
If that's the case you would do this..
ln -sf /usr/sbin/kppp /usr/bin/kppp
gpasswd -a david kpppusers
chmod 750 /usr/sbin/kppp
chown root.kpppusers /usr/sbin/kppp
Then the user can run kppp and set it up for themselves.
If the user is already logged in they will need to log off and back on to join the new group, or the user can run this ..
If you want the user to be able to modify dns servers with kppp...
Note: this may also cause the firewall to need reconfiguring for the new dns servers if it's not setup to allow this.
chown root.kpppusers /etc/resolv.conf
chmod 664 /etc/resolv.conf
chown root.kpppusers /etc/ppp/resolv.conf
chmod 664 /etc/ppp/resolv.conf
If not set them manually, put them in your firewall scripts, then do this..
chown root.root /etc/resolv.conf
chmod 644 /etc/resolv.conf
chown root.root /etc/ppp/resolv.conf
chmod 644 /etc/ppp/resolv.conf