Error "env/config variable 'sa.sock' does not exist" when using LDAP

Post by YonJon » Tue Oct 19, 2021 2:42 am

I am having trouble getting LDAP working with OpenVPN. My server version is 2.8.5.

I am trying to use Azure ADDS as the LDAP server.
- I'm using a specific binding user
- The Base DN for user entries is

    CN=Users, DC=<domain root>, DC=us

- The Username attribute is set to "sAMAccountName"
- The additional LDAP requirement is

    memberOf=CN=OpenVPNAccess, CN=Users, DC=<domain root>, DC=us

The following query works when run from the OpenVPN machine:

    ldapsearch -x -LLL -h 10.x.x.x -D <binding user UN> -w <binding user PW> -b "dc=<domain root>,dc=us" -s sub "(objectClass=user)" givenName

However, when I try to execute the ./authcli test login command for my user (who is in the query results) I get the following error:

    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "build/bdist.linux-x86_64/egg/pyovpn/sagent/sagent_entry.py", line 60, in authcli
      File "build/bdist.linux-x86_64/egg/pyovpn/auth/authcli.py", line 18, in <module>
      File "build/bdist.linux-x86_64/egg/pyovpn/auth/authcli.py", line 28, in Options
      File "build/bdist.linux-x86_64/egg/pyovpn/util/env.py", line 243, in get_env
    pyovpn.util.error.SimpleError: env/config variable 'sa.sock' does not exist

Do I have to try a full reinstall?

Re: Error "env/config variable 'sa.sock' does not exist" when using LDAP

Post by YonJon » Wed Oct 20, 2021 3:56 am

It appears that this is the error you get if you don't run ./authcli with sudo. Also, I found out that I had to only specify the left part of my username email to get the login to work.

After removing the Additional LDAP Requirement, and stripping the Base DN for User Entries down to the minimum I am able to get a successful LDAP response from sudo ./authcli.
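
The ldapsearch in the first post searches from the domain root for every user object, so it does not exercise the Base DN, username attribute or additional requirement configured for the server. As an added example (not part of the thread and not OpenVPN's code), this shell script rebuilds a search from those settings so each one can be checked by hand. Assumptions: the function names, the sample host, bind user and login are constructed, and the server is assumed to AND the username match with the additional requirement.

```shell
#!/bin/sh
# Added example, not from the thread. Assumption: the server ANDs
# "<username attribute>=<login>" with the additional LDAP requirement.

# RFC 4515 escaping for a value placed inside a search filter.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# build_filter LOGIN ATTR [EXTRA_REQUIREMENT]
build_filter() {
    login=${1%%@*}                  # keep only the part left of "@"
    base="($2=$(ldap_escape "$login"))"
    extra=${3:-}
    if [ -z "$extra" ]; then
        printf '%s\n' "$base"
        return 0
    fi
    case $extra in
        \(*) ;;                     # already a parenthesised filter
        *)   extra="($extra)" ;;
    esac
    printf '(&%s%s)\n' "$base" "$extra"
}

# print_check URI BIND_DN BASE_DN LOGIN ATTR [EXTRA_REQUIREMENT]
# Prints (does not run) the matching ldapsearch. -W prompts for the bind
# password so it stays out of shell history and the process list.
print_check() {
    printf "ldapsearch -x -LLL -H '%s' -D '%s' -W -b '%s' -s sub '%s' sAMAccountName memberOf\n" \
        "$1" "$2" "$3" "$(build_filter "$4" "$5" "${6:-}")"
}

# Constructed sample values; example.us stands in for the redacted domain.
print_check 'ldaps://dc.example.us' 'binduser@example.us' \
    'CN=Users,DC=example,DC=us' 'jdoe@example.us' sAMAccountName \
    'memberOf=CN=OpenVPNAccess,CN=Users,DC=example,DC=us'
```

If the printed search returns no entry, drop the extra requirement or widen the base DN one step at a time to see which setting excludes the user.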