Azure AD authentication for OpenVPN

MeanMrMustardxx
OpenVpn Newbie
Posts: 2
Joined: Wed Jun 28, 2017 8:10 pm

Azure AD authentication for OpenVPN

Postby MeanMrMustardxx » Wed Jun 28, 2017 8:26 pm

I'm trying to authorize users to OpenVPN through Azure AD with https://github.com/outlook/openvpn-azure-ad-auth

I've successfully configured openvpn-azure-ad-auth and can get a success when running ./openvpn-azure-ad-auth.py --consent

I've added the following to my server's as.conf file:
------
auth-user-pass-verify /path/to/openvpn-azure-ad-auth.py via-env
script-security 3 execve
------

I've also tried appending the following to my openvpn client config with no luck:
auth-user-pass

The openvpn-azure-ad-auth.py script never even seems to be run when I try to connect as a user. I must be missing something. Any ideas?
I'm running openvpn-as version 2.1.4

novaflash
OpenVPN Expert
Posts: 383
Joined: Fri Apr 13, 2012 8:43 pm

Re: Azure AD authentication for OpenVPN

Postby novaflash » Thu Jun 29, 2017 7:46 am

Hello angry condiment,

It looks like you're trying to apply a guide for the open source OpenVPN version, to the commercial program Access Server. They're not the same program, so, it won't work that way. Instead you should go into the Admin UI, go to Authentication, and set it to LDAP. Make sure you're logged in as the 'openvpn' master user; that user will always be able to log in despite LDAP authentication not being configured fully yet and not actually working yet.

Then, set up the LDAP parameters so it connects to your LDAP server and tries to authenticate through there.

MeanMrMustardxx
OpenVpn Newbie
Posts: 2
Joined: Wed Jun 28, 2017 8:10 pm

Re: Azure AD authentication for OpenVPN

Postby MeanMrMustardxx » Thu Jun 29, 2017 3:28 pm

Thanks, looks like I've got a lot to ketchup on. (facepalm)

Unfortunately, I don't think standard LDAP will work for Azure AD (which actually uses OAuth for authorization). Good news is I'm not really bound to using Access Server so maybe I'll give Community Edition a shot and see how that works out.

Thanks again! Mayo the force be with you!

novaflash
OpenVPN Expert
Posts: 383
Joined: Fri Apr 13, 2012 8:43 pm

Re: Azure AD authentication for OpenVPN

Postby novaflash » Thu Jun 29, 2017 3:54 pm

Alright, good luck.

stilljake
OpenVpn Newbie
Posts: 1
Joined: Mon Jul 10, 2017 3:33 pm

Re: Azure AD authentication for OpenVPN

Postby stilljake » Mon Jul 10, 2017 3:35 pm

Hey,

Did you ever get this working?

if so would you mind sharing how you did it.

Cheers,


Return to “Access Server”

Who is online

Users browsing this forum: No registered users and 3 guests