On 26 June 2010 00:39, Eric Peters <[email protected]> wrote: > Anybody have any other suggestions I can try?
I have set up OpenVPN with password athentication to Active Directory. I'll paste you my notes on this setup. See also # http://www.matthardy.info/2009/configure-openvpn-to-authenticate-against-active-directory-ldap-in-linux/ openvpn.conf file: plugin /usr/lib/openvpn/openvpn-auth-ldap.so auth-ldap.cfg auth-ldap.cfg for windows active directory <http://www.matthardy.info/2009/configure-openvpn-to-authenticate-against-active-directory-ldap-in-linux/> <LDAP> # LDAP server URL URL ldap://zeus.COMPANY.be # Bind DN (If your LDAP server doesn't support anonymous binds) BindDN "CN=OpenVPN,OU=Service Accounts,DC=COMPANY,DC=be" # Bind Password # Password SecretPassword Password XXXXXXXXXX # Network timeout (in seconds) Timeout 15 # Enable Start TLS #TLSEnable yes TLSEnable no </LDAP> <Authorization> # For active directory, I used sAMAccountName to search by username # I also configured the original search filter to contain the group membership, instead of using the # RequireGroup directive below # Base DN BaseDN "OU=Accounts,DC=COMPANY,DC=be" # User Search Filter #SearchFilter "(&(uid=%u)(accountStatus=active))" SearchFilter "(&(sAMAccountName=%u)(memberOf= cn=VPN_Access,OU=Security Groups,OU=Accounts,DC=COMPANY,DC=be))" # Require Group Membership RequireGroup false </Authorization>
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
