{"id":28373370,"url":"https://github.com/dkruchinin/pppd-ldap","last_synced_at":"2025-07-22T08:02:26.461Z","repository":{"id":1120256,"uuid":"992058","full_name":"dkruchinin/pppd-ldap","owner":"dkruchinin","description":"A fork of pppd_ldap-0.12 that supports CHAP/MSCHAP/MSCHAP-v2 authentication with MPPE","archived":false,"fork":false,"pushed_at":"2011-02-22T01:05:30.000Z","size":132,"stargazers_count":5,"open_issues_count":1,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-06-22T10:36:41.262Z","etag":null,"topics":["c","ldap","mschap","ppp"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dkruchinin.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2010-10-16T07:30:02.000Z","updated_at":"2023-03-05T03:34:49.000Z","dependencies_parsed_at":"2022-08-16T12:05:19.877Z","dependency_job_id":null,"html_url":"https://github.com/dkruchinin/pppd-ldap","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/dkruchinin/pppd-ldap","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dkruchinin%2Fpppd-ldap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dkruchinin%2Fpppd-ldap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dkruchinin%2Fpppd-ldap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dkruchinin%2Fpppd-ldap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dkruchinin","download_url":"https://codeload.github.com/dkruchinin/pppd-ldap/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dkruchinin%2Fpppd-ldap/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266454557,"owners_count":23931329,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-22T02:00:09.085Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","ldap","mschap","ppp"],"created_at":"2025-05-29T19:30:42.435Z","updated_at":"2025-07-22T08:02:26.408Z","avatar_url":"https://github.com/dkruchinin.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"=== Introduction ===\n\nThe original project called pppd-ldap-0.12 originaly developed by\nGrigoriy Sitkarev supports only PAP authentication\nvia LDAP server. The project page of pppd-ldap can be found there:\nhttp://sourceforge.net/projects/pppd-ldap\n\npppd-chldap is a fork of pppd-ldap which supports CHAP/MSCHAP/MSCHAP-v2\nauthentication via LDAP server. MSCHAP and MSCHAP-v2 includes MPPE support.\n\n=== CHAP/MSCHAP/MSCHAP-V2 authentification issues ===\n\nCHAP/MSCHAP/MSCHAP-V2 authentification will work only if the following\nconditions are met:\n1) CHAP will work only if userPassword attribute value is in plain-text format\n2) MSCHAP will work if either userPassword is plain-text or if authentication\n   password is held in SambaNTPassword attribute as NT-Hash.\n   (if MSLANMAN support is enabled password should be held in SambaLMPassword attribute as well)\n3) MSCHAP-V2 will work if either userPassword is plain-text or if password is held in\n   SambaNTPassword attribute.\n\n=== Description and configuration ===\n\nThis docs can be outdated. For the latest versions please refere to project page:\nhttp://sourceforge.net/projects/pppd-ldap\n\n\t--- LDAP-enabled pppd(8) ---\n\n\tNAME\n\n\tpppd_ldap.so - LDAP authentication and information retrieval plugin for\n\tpppd(8)\n\n\tSYNOPSIS\n\n\tpppd \u003coption\u003e plugin pppd_ldap.so\n\n\tDESCRIPTION\n\n LDAP plugin pppd_ldap.so permits pppd to perform PAP/CHAP/MSCHAP and MSCHAP-V2 \n  authentication against LDAP server instead of the usual\n /etc/ppp/pap-secrets and other files.  LDAP plugin is linked with OpenLDAP\n -lldap library. You'll need to have development part of OpenLDAP library to\n build plugin successfuly. After successfull reception of peer's credentials,\n pppd_ldap rebinds with supplied username and password. If operation succeeds,\n pppd_ldap sets different pppd(8) options according to user information ret-\n rieved from LDAP directory. If operation fails, pppd(8) performs it's\n ordinary operations.\n\n Search operation constructs search filter using peer name attaching \"uid=\"\n prefix. Thus, uid attribute is used as a login name. After completing search\n operation, pppd_ldap rebinds with the entry's DN. For example if user logs in\n using login name \"tofik\" and the entry looks like\n\n dn: cn=Anton A. Postnikov,ou=People,dc=nordcomp,dc=ru\n objectClass: radiusProfile\n objectClass: inetOrgPerson\n ....\n uid: tofik\n\n plugin searches for the entry using (uid=tofik) and then rebinds with DN\n cn=Anton A. Postnikov,ou=People,dc=nordcomp,dc=ru. This behavior allows to\n establish user's DN in different styles.\n\n Plugin uses RADIUS-LDAPv3.schema provided with FreeRadius tarballs. Currently\n plugin can use the following attributes and set appropriate values;\n\n\tMandatory attributes\n\n \tdialupAccess - this attribute should be set to YES if we allow PPP connec-\n\ttion or empty. If this attribute's value is set to FALSE, login is disabl-\n\ted.\n\n\tradiusAuthType - SHOULD be set to LDAP.\n\n\tAdditional attributes\n\n \tradiusFramedIPAddress - this attribute determines IP address of the\n\tauthenticating peer. If attribute is not set, normal actions are performed.\n\tIf peer's addres is set by runtime pppd(8) options, it is used if\n\tLDAP user record has no radiusFramedIPAddress attribute.\n\n\tradiusSessionTimeout - this attribute defines session timeout in seconds.\n\tConnection will be destroyed by pppd(8) after session timeout.\n\n\tradiusIdleTimeout - this attribute defines idle timeout in seconds.\n\n\tOPTIONS\n\n  LDAP plugin introduces some additional options:\n\n  ldaphost \u003chostname\u003e\n  \tSets LDAP server host name. By default \"localhost\" is assumed.\n\n  example: ldaphost helga.komitex.ru\n\n  ldapport \u003cnumber\u003e\n\n Sets LDAP sever port number. By default LDAP_PORT (389) is used. pppd_ldap\n now supports TLS/SSL. If your LDAP server talks only LDAPS, then set\n ldapport to 636.\n\n  example: ldapport 555\n\n  ldapdn \u003cDN\u003e\n\n Set to DN to bind with LDAP server, who has enough rights to read necessary\n attributes in LDAP Directory.\n\n  example: ldapdn \"cn=pppd,ou=Daemon,dc=nordcomp,dc=ru\"\n\n  ldappw \u003cpassword\u003e\n\n Set to ldapdn password. Seems not very good... I'll change this behavior\n someday.\n\n  userbasedn \u003cbasedn\u003e\n\n Set to the base DN where to perform search for user accounts in LDAP directory.\n\n  example: \"ou=Users,dc=nordcomp,dc=ru\"\n\n  ldaptimeout \u003cnumber\u003e\n\n ldap search timeout (in sec). 15 seconds assumed by default. set to any\n suitable value.\n  example: ldaptimeout 25\n\n  ldapnettimeout \u003cnumber\u003e\n\n Sets network operation timeout in seconds. Defaults to 10 seconds.\n\n  ldapusetls\n\n Enables TLS/SSL connection with LDAP server. Make sure you have specified\n correct ldaphost! If ldaphost name doesn't match server's certificate canonical\n name, connection terminates immediately.\n\n  ldapdbg\n\n Enables additional debug information and verbose output to syslog.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdkruchinin%2Fpppd-ldap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdkruchinin%2Fpppd-ldap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdkruchinin%2Fpppd-ldap/lists"}