Handle Expired Passwords either via LDAP or radius

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
marcus.k.berglund@gmail.com
OpenVpn Newbie
Posts: 1
Joined: Sun Sep 02, 2018 6:57 pm

Handle Expired Passwords either via LDAP or radius

Post by marcus.k.berglund@gmail.com » Sun Sep 02, 2018 7:09 pm

Hi,

I have run in to a problem that I would like to be solved if possible. I have created an enviroment in AWS with windows servers, active directory and OpenVPN with Google Authenticator as MFA. So far so good!

But!

When the users password expires in the active directory and needs to be changed the OpenVPN server cannot authenticate the user and change the password and of course not log on.

How is this handle by you?

Any suggestions would help!

Thanks!
Top
User avatar
novaflash
OpenVPN Inc.
Posts: 1073
Joined: Fri Apr 13, 2012 8:43 pm

Re: Handle Expired Passwords either via LDAP or radius

Post by novaflash » Sun Sep 02, 2018 7:11 pm

Unfortunately Access Server can only use an external source for authentication, and cannot reach into the authentication system to challenge and replace the password. That will still have to be handled in that external authentication system.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
Top
Post Reply

Return to “The OpenVPN Access Server”