LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 12-10-2008, 02:26 PM   #1
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Rep: Reputation: 0
Logging into a debian primary domain controller via windows xp pro via windows VPN


Hi everyone, I am somewhat a newbie to the linux world but i do know some things. What i am trying to do here is remotely log into my linux domain controller via windows network connection VPN. I can successfully log into the Cisco VPN router but i can't seem to get logged into my PDC.

The error i keep getting is "Error 691: access was denied because the username and/or password was invalid on te domain". can anybody steer me in the right direction?

If you need me to give more info please let me know.. again i'm kinda new to this...
 
Old 12-10-2008, 02:52 PM   #2
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
what are you using to try and logon to the domain. I am guessing that you are using the cisco vpn client to make the connection to the cisco router correct?
 
Old 12-10-2008, 06:27 PM   #3
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
well the actual cisco router is just running the VPN server.

I created a VPN network connection from windows XP. I've created the connection with the following settings:
The networking tab it set to PPTP VPN
The security tap is set to Optional data encryption and the "allow these protocols" radio button is checked allowing CHAP, MS-CHAP, and MS-CHAP v2.

I'm not having any issues with logging in to the VPN router i'm just not allowed to log into my debian Domain Controller.

Thanks for your help..

Last edited by dr5419; 12-10-2008 at 06:29 PM. Reason: Updated some grammer..
 
Old 12-10-2008, 08:12 PM   #4
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
I still am confused on what you application will not authenticate correctly. Or are you saying that your vpn client will authenicate against your debian domain controller.
 
Old 12-11-2008, 01:58 PM   #5
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
In Windows XP Pro under the control panel there is network connections. if you go into network connections and create a new network connection you have the ability to choose VPN as the type of connection. when your setting up the connection you have some settings to set.. the tabs are "General", "Options", Security", "Networking", and "Advanced"

Under each tab i have the following settings.

General: xxx.xxx.xxx public address

Options: Display progress, Prompt for name and user, include windows logon domain are all checked.

Security: the advanced radio button is slected and the advanced section is slected with the following settings.. Data incryption is opitonal, challange CHAP is checked, MS-chap is checked, and MS-chap v2 is checked as well.

Networking: Type of VPN is set to PPTP VPN

Advanced: nuthing is set..

now when i have the "include windows logon domain" unchecked the VPN connection works perfectly.. if i have the "include wondows logon domain" checked then i get the err stated in my first post.. My domain controller is a debian machine if you need any information from my server i'll gladly provide it.. I hope this helps :-) thanks for your help so far...
 
Old 12-11-2008, 02:15 PM   #6
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
ahh I see. Well from my best guess I would say that your router is not forwarding ldap queries to the server. Could be possibly blocking that port or could be an ACL issue. Try and setup your vpn as a passthrough so we can ensure that your firewall is not the problem.
 
Old 12-11-2008, 02:30 PM   #7
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
Once i'm connected to my VPN router i can surf my entire netwrok remotely, and i can get to all my drives by manually mapping them.. how ever, i have to use my server's ip address for the mapping to work..... \\server\drive wont work but \\123.123.123.123\drive will work.. my drives require user name and passwords and when i enter them the domain accepts it. it just wont accept the user name and password for the domain when trying to connect remotely..

I'm thinking its something to do with authenticating.
 
Old 12-11-2008, 02:37 PM   #8
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
Quote:
Originally Posted by dr5419 View Post
Once i'm connected to my VPN router i can surf my entire netwrok remotely, and i can get to all my drives by manually mapping them.. how ever, i have to use my server's ip address for the mapping to work..... \\server\drive wont work but \\123.123.123.123\drive will work.. my drives require user name and passwords and when i enter them the domain accepts it. it just wont accept the user name and password for the domain when trying to connect remotely..

I'm thinking its something to do with authenticating.
Well to fix the name issue looks like your vpn is not setup to map you to the correct dns server. As for the other problem what happens if you enter
domain\username and password.
 
Old 12-11-2008, 02:43 PM   #9
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
everything i've tried gives me the same error... "Error 691: access was denied because the username and/or password was invalid on the domain" I know its a valid username and password because i'm useing my own username and password..
 
Old 12-11-2008, 02:56 PM   #10
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
Could be a dns issue did you try placing the domain name infront of the username.

Username: <domain>\<username>
Password: ***********
 
Old 12-11-2008, 03:14 PM   #11
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
I tried that.. Same error. i've tried every combination i could think of.. I know i'm not an expert at this but i really didnt think it would be this difficult :-) oh well.
 
Old 12-11-2008, 03:28 PM   #12
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
I think it could be a dns issue that is the problem. Lets try and fix that first which in turn may fix this issue.
 
Old 12-11-2008, 03:56 PM   #13
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
thats what i was thinking. I do have my IP name-server in my routers configuration though. the actual line is

ip name-server xxx.xxx.xxx.xxx and its the correct ip address for my internal DNS
 
Old 12-11-2008, 04:17 PM   #14
jstephens84
Senior Member
 
Registered: Sep 2004
Distribution: (Home)Opensolaris, Ubuntu, CentOS, (Work - AIX, HP-UX, Red Hat)
Posts: 2,056

Rep: Reputation: 94
what does ipconfig return on your windows box. Post the whole output if possible.
 
Old 12-11-2008, 05:37 PM   #15
dr5419
LQ Newbie
 
Registered: Aug 2007
Posts: 8

Original Poster
Rep: Reputation: 0
after looking at the Ipconfig i think something is really wrong. when the connection is active the VPN router handed out the same ip address for the connection and the default gatway. and the subnet is 255.255.255.255 that dont look right but then again i am a newbie to this.. the following is what shows up with ipconfig

PPP adapter connection name

Connection-specific DNS suffix . :
Discription...................... : WAN <PPP/SLIP> Interface
Physical Address................. : 00.00.00.00.00.00
Dhcp Enabled..................... : No
IP Address....................... : 192.168.1.17
Subnet Mask...................... : 255.255.255.255
Default Gateway.................. : 192.168.1.17
DNS Servers...................... : 192.168.1.22
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Replacing a Windows Domain Controller with a Linux:OpenLDAP importing from Windows AD mstevensfullarmor Linux - Enterprise 14 02-15-2012 07:05 PM
windows primary domain controller with samba 3.x giorgiotheone Mandriva 1 07-04-2011 07:02 AM
Samba as Primary Domain Controller for windows network hamish Linux - Networking 5 07-26-2005 01:54 PM
Samba Primary Domain Controller for a Windows XP network benobi Linux - Networking 4 11-19-2004 03:21 PM
primary domain controller question chens_83 Linux - Networking 4 07-23-2002 11:56 AM


All times are GMT -5. The time now is 10:55 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration