[Freeipa-users] Re: openvpn authenticating to freeipa

2017-12-06 Thread Lee Wiscovitch via FreeIPA-users
We use openvpn's "auth-user-pass-verify" option to call a perl script that queries PAM. I can't provide all of it since it has sensitive/corporate information but essentially OpenVPN will provide the password used during client negotiation as an environment variable, and the perl script sends

[Freeipa-users] Re: openvpn authenticating to freeipa

2017-12-06 Thread Andrew Meyer via FreeIPA-users
I already had the line in there for the plugin. On Wednesday, December 6, 2017 2:28 PM, Andrew Meyer wrote: I think I did see that while searching, but did not click on it. I will now! Thank you! On Wednesday, December 6, 2017 2:24 PM, Michael Plemmons via

[Freeipa-users] Re: openvpn authenticating to freeipa

2017-12-06 Thread Andrew Meyer via FreeIPA-users
I think I did see that while searching, but did not click on it. I will now! Thank you! On Wednesday, December 6, 2017 2:24 PM, Michael Plemmons via FreeIPA-users wrote: Have you taken a look at this?

[Freeipa-users] Re: openvpn authenticating to freeipa

2017-12-06 Thread Michael Plemmons via FreeIPA-users
Have you taken a look at this? https://github.com/OpenVPN/openvpn/tree/master/src/plugins/auth-pam That is a plugin we have on our OpenVPN server which is backed by FreeIPA. In our OpenVPN server conf file we have a line that looks like this. plugin