It is possible to mix ldap and MFA with google authenticator in Community Edition?

How to customize and extend your OpenVPN installation.
Post Reply
wagnergt12
OpenVpn Newbie
Posts: 1
Joined: Mon May 24, 2021 6:51 pm

It is possible to mix ldap and MFA with google authenticator in Community Edition?

Post by wagnergt12 » Mon May 24, 2021 7:22 pm

Hello guys

I'm trying to extend the security of my VPN including MFA with Google Authenticator.
Currently I run a Debian server that works fine with my LDAP environment, I want to know if is possible to achieve that with community edition,
I have done some researches about how to implement OpenVPN + LDAP + MFA, can somebody telme if is this possible and if so point me to the right direction?

nothing
OpenVpn Newbie
Posts: 1
Joined: Thu Oct 09, 2014 12:46 pm

Re: It is possible to mix ldap and MFA with google authenticator in Community Edition?

Post by nothing » Sat Jul 10, 2021 5:39 am

Yes, that is possible.
You should install libpam-google-authenticator, freeradius, sssd, sssd-tools, libnss-sss, libpam-sss, realmd, adcli...
Then join your debian PC to AD (using "realm join..."), configure freeradius with pam authentication and use it as "external" authentication method in openvpn configuration.

Post Reply