Hi,
I have run in to a problem that I would like to be solved if possible. I have created an enviroment in AWS with windows servers, active directory and OpenVPN with Google Authenticator as MFA. So far so good!
But!
When the users password expires in the active directory and needs to be changed the OpenVPN server cannot authenticate the user and change the password and of course not log on.
How is this handle by you?
Any suggestions would help!
Thanks!
Handle Expired Passwords either via LDAP or radius
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sun Sep 02, 2018 6:57 pm
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Handle Expired Passwords either via LDAP or radius
Unfortunately Access Server can only use an external source for authentication, and cannot reach into the authentication system to challenge and replace the password. That will still have to be handled in that external authentication system.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.