So, I have spent a few hours trying to get the external program authentication piece working. I'm 100% sure my program works, provided I pass username/password in environment variables. My program logs activity into a txt file, so I can know when it's being invoked.
No matter what I do, it doesn't seem like my program is being executed at all by OpenVPN, and from the client perspective, any username/password combination is accepted as good. I have already taken care to set script-security to 3, which seems to be the most common cause for this problem.
Any help would be greatly appreciated.
Details below:
Windows Server 2016
OpenVPN 2.4.4.0
OpenVPN Server running as local system
Config file C:\Program Files\OpenVPN\config\server.ovpn
Server Config
port 1194
proto udp
dev tun
ca "C:\\Program Files\\OpenVPN\\config\\xx.crt"
cert "C:\\Program Files\\OpenVPN\\config\\xx.crt"
key "C:\\Program Files\\OpenVPN\\config\\xx.key"
dh dh4096.pem
server xx.xx.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route xx.xx.xx.0 255.255.255.0"
push "route xx.xx.xx.0 255.255.255.0"
push "dhcp-option DNS xx.xx.xx.xx"
push "dhcp-option DNS xx.xx.xx.xx"
push "dhcp-option DOMAIN xx.xx"
push "dhcp-option SEARCH xx.xx"
client-to-client
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 5
explicit-exit-notify 1
#Custom auth
script-security 3
auth-user-pass-verify "C:/Progra~1/OpenVPN/bin/customauth/customauth.exe" via-env
client-cert-not-required
username-as-common-name
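
For reference, the contract that `auth-user-pass-verify ... via-env` expects from the external program, as an added example that is not the poster's customauth.exe: the program reads the `username` and `password` environment variables and exits 0 to accept or 1 to reject. The user store, the `CUSTOMAUTH_LOG` variable and the log file name are constructed for illustration.

```python
import hashlib
import hmac
import os
import sys
import time

# Constructed sample store: username -> (salt, PBKDF2-HMAC-SHA256 hash).
_SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 100_000


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


USERS = {"alice": (_SALT, hash_password("correct horse", _SALT))}


def verify(env) -> int:
    """Return the exit code OpenVPN expects: 0 accepts, 1 rejects."""
    username = env.get("username", "")
    password = env.get("password", "")
    if not username or not password:
        return 1  # credentials were not passed in the environment: reject
    # Unknown users are checked against a dummy hash so the work done is the same.
    salt, expected = USERS.get(username, (_SALT, b"\x00" * 32))
    candidate = hash_password(password, salt)
    ok = hmac.compare_digest(candidate, expected) and username in USERS
    return 0 if ok else 1


def log_call(path, env, code):
    # Record that the hook ran and its result; never write the password itself.
    with open(path, "a", encoding="utf-8") as fh:
        fh.write("%s user=%r password_set=%s exit=%d\n" % (
            time.strftime("%Y-%m-%dT%H:%M:%S"), env.get("username"),
            "password" in env, code))


def main() -> int:
    code = verify(os.environ)
    # CUSTOMAUTH_LOG is a hypothetical override for the log location.
    log_call(os.environ.get("CUSTOMAUTH_LOG", "customauth.log"), os.environ, code)
    return code


if __name__ == "__main__":
    sys.exit(main())
```

Because every invocation appends a line to the log regardless of the outcome, an empty log after a connection attempt shows the hook was never run, while `password_set=False` shows it ran without credentials.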