I am trying to set up an OpenVPN server as follows on Azure:
I have an active directory domain controller hosted in a VNet with static private IP 10.0.0.5, the domain is corp.example.com. This server is running on Windows Server 2016.
I have an ubuntu server running OpenVPN Access Server in the same VNet with a static public IP and a static private IP as 10.0.0.7.
I am trying to have users authenticate against the Active Directory server.
Currently, my settings are as follows:
- LDAP Primary is set to 10.0.0.5
- Base DN is set to -- CN="Users",DC="corp",DC="example",DC="com"
- Username attribute is sAMAccountName
Now I have tried creating a bind account, and also setting up anonymous binding to no avail.
Using the authcli script I get the following error: An error occured while connecting: 13: Permission denied.
Does the ubuntu server need to be joined to the domain?
Are there any ports that need to be open that aren't by default?
What else can I do to troubleshoot?
Authenticate using LDAP on Active Directory on Azure
-
- OpenVpn Newbie
- Posts: 1
- Joined: Mon May 07, 2018 7:20 pm
-
- OpenVPN User
- Posts: 39
- Joined: Thu Apr 26, 2018 2:45 pm
Re: Authenticate using LDAP on Active Directory on Azure
Hi, connerkid,
I was able to get something similar working in VirtualBox: https://bbuckman.github.io/openvpn/2018 ... ctory.html
Billy.
I was able to get something similar working in VirtualBox: https://bbuckman.github.io/openvpn/2018 ... ctory.html
Billy.
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Authenticate using LDAP on Active Directory on Azure
> Using the authcli script I get the following error: An error occured while connecting: 13: Permission denied.
You need to be root when using that command.
Also see:
https://docs.openvpn.net/configuration/ ... -via-ldap/
https://docs.openvpn.net/troubleshootin ... -problems/
You need to be root when using that command.
Also see:
https://docs.openvpn.net/configuration/ ... -via-ldap/
https://docs.openvpn.net/troubleshootin ... -problems/
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.