CERT assign AD user (LDAP)
Posted: Tue Oct 27, 2020 11:28 pm
by tnandor85
Hi,
Is it possible to assign username to cert or cert to username?
Currently I can connect to vpn server with 1 cert and all AD user+pass (member of specified group).
Thanks in advance!
Re: CERT assign AD user (LDAP)
Posted: Thu Nov 05, 2020 9:56 pm
by szett
Hey, could u share your config for ldap AD with OpenVPN, it is not working for me. Idk why.
Re: CERT assign AD user (LDAP)
Posted: Tue Nov 24, 2020 11:37 pm
by tnandor85
The OpenVPN server config includes this line; you should install the openvpn-auth-ldap package:
plugin /usr/lib/openvpn/openvpn-auth-ldap.so "/etc/openvpn/auth/auth-ldap.conf"
# Contents of /etc/openvpn/auth/auth-ldap.conf:
<LDAP>
# LDAP server URL
URL ldap://domain controller ip:389
BindDN "CN=ldapsyncusername,DC=example,DC=com"
Password "<password of ldapsyncuser>"
Timeout 15
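# StartTLS is off and the URL is ldap://, so the bind password and user credentials reach the DC unencrypted
TLSEnable no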
FollowReferrals no
</LDAP>
<Authorization>
BaseDN "OU=Users or anything else,DC=example,DC=com"
SearchFilter "(sAMAccountName=%u)"
RequireGroup True
<Group>
BaseDN "OU=Users or anything else,DC=example,DC=com"
SearchFilter "(|(cn=Group of VPN users))"
MemberAttribute "member"
</Group>
</Authorization>
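One way to tie a certificate to a single AD account, which the thread asks about, is a client-connect hook that rejects the session unless the certificate CN equals the login name. This is an added example, not part of the original posts or of openvpn-auth-ldap. It assumes each user has their own certificate whose CN is their sAMAccountName, that OpenVPN exports `common_name` and `username` to the hook (check this on your version), and it uses a hypothetical script path.

```shell
#!/bin/sh
# Added example: reject a VPN login when the certificate CN and the
# AD username differ. Hypothetical path: /etc/openvpn/scripts/cn-match.sh
# Assumed server config lines (not from the original post):
#   script-security 2
#   client-connect /etc/openvpn/scripts/cn-match.sh

# Lowercase a value; AD matches sAMAccountName case-insensitively,
# so "JSmith" and "jsmith" are the same account.
lower() {
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]'
}

# Return 0 only when both values are non-empty and equal ignoring case.
# Empty values are refused so a missing variable never counts as a match.
cn_matches_user() {
    cn=$(lower "$1")
    user=$(lower "$2")
    [ -n "$cn" ] && [ -n "$user" ] && [ "$cn" = "$user" ]
}

# OpenVPN sets script_type before running a hook; the guard lets the
# functions be sourced or tested without triggering the check.
if [ "${script_type:-}" = "client-connect" ]; then
    if cn_matches_user "${common_name:-}" "${username:-}"; then
        exit 0
    fi
    # stderr from the hook ends up in the OpenVPN server log.
    echo "cn-match: cert CN '${common_name:-}' used with login '${username:-}'" >&2
    exit 1
fi
```

A non-zero exit from the hook makes the server refuse the client, so a certificate issued to one user no longer works with another group member's password.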