CERT assign AD user (LDAP)

Scripts to manage certificates or generate config files
tnandor85
OpenVpn Newbie
Posts: 2
Joined: Tue Oct 27, 2020 11:21 pm

CERT assign AD user (LDAP)

Post by tnandor85 » Tue Oct 27, 2020 11:28 pm

Hi,

Is it possible to assign a username to a cert or a cert to a username?
Currently I can connect to the VPN server with 1 cert and all AD user+pass (member of specified group).

Thanks in advance!

szett
OpenVpn Newbie
Posts: 3
Joined: Thu Nov 05, 2020 9:55 pm

Re: CERT assign AD user (LDAP)

Post by szett » Thu Nov 05, 2020 9:56 pm

Hey, could you share your config for LDAP AD with OpenVPN? It is not working for me. Idk why.

tnandor85
OpenVpn Newbie
Posts: 2
Joined: Tue Oct 27, 2020 11:21 pm

Re: CERT assign AD user (LDAP)

Post by tnandor85 » Tue Nov 24, 2020 11:37 pm

The OpenVPN server config includes this line; you should install the openvpn-auth-ldap package.

plugin /usr/lib/openvpn/openvpn-auth-ldap.so "/etc/openvpn/auth/auth-ldap.conf"

<LDAP>
# LDAP server URL
URL ldap://domain controller ip:389

BindDN "CN=ldapsyncusername,DC=example,DC=com"

Password "<password of ldapsyncuser>"

Timeout 15
TLSEnable no
FollowReferrals no
</LDAP>

<Authorization>
BaseDN "OU=Users or anything else,DC=example,DC=com"
SearchFilter "(sAMAccountName=%u)"
RequireGroup True
<Group>
BaseDN "OU=Users or anything else,DC=example,DC=com"
SearchFilter "(|(cn=Group of VPN users))"
MemberAttribute "member"
</Group>
</Authorization>
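
Added example (not part of the thread and not code from the OpenVPN project): one way to tie each certificate to a single AD account, as asked in the first post, is a `client-connect` hook that rejects the session unless the certificate CN equals the username that passed LDAP authentication. It relies on the `common_name`, `username` and `script_type` environment variables OpenVPN exports to scripts; the script path, the function names and the case-insensitive comparison are assumptions, as is issuing one certificate per user with the sAMAccountName as CN.

```shell
#!/bin/sh
# Added example: client-connect hook that binds a certificate to one AD user.
# Assumed server config lines (the path is a placeholder):
#   script-security 2
#   client-connect /etc/openvpn/scripts/check-cn.sh
# Do not combine with username-as-common-name, which overwrites common_name
# with the username and makes the comparison meaningless.

# Returns 0 when the certificate CN equals the authenticated username.
# AD treats sAMAccountName case-insensitively, so both sides are lowercased
# (assumption: certificate CNs are issued as the user's sAMAccountName).
check_cn_matches_user() {
    cn=$1
    user=$2
    # Reject empty values: a missing CN or username must never match.
    [ -n "$cn" ] && [ -n "$user" ] || return 1
    cn_lc=$(printf '%s' "$cn" | tr '[:upper:]' '[:lower:]')
    user_lc=$(printf '%s' "$user" | tr '[:upper:]' '[:lower:]')
    [ "$cn_lc" = "$user_lc" ]
}

# A non-zero exit status from a client-connect script rejects the client.
run_hook() {
    if check_cn_matches_user "${common_name:-}" "${username:-}"; then
        exit 0
    fi
    # Logged by OpenVPN; useful for spotting shared or borrowed certificates.
    echo "cert/user mismatch: cn='${common_name:-}' user='${username:-}'" >&2
    exit 1
}

# Run only when OpenVPN invokes the hook (it sets script_type).
if [ "${script_type:-}" = "client-connect" ]; then
    run_hook
fi
```

With this in place the shared certificate from the first post stops working for every account except the one whose name matches its CN, so each user needs an individually issued (and individually revocable) certificate.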
