On an OpenVPN server with the LDAP plugin, I get the following error message in the syslog for as long as connections are active:
openvpn: LDAP search failed: Referral (0000202B: RefErr: DSID-0310084A, data 0, 1 access points#012#011ref 1: 'example.com'#012)
This is my plugin config:
<LDAP>
# LDAP server URL
URL ldap://dc01.my.company.com
BindDN "CN=ldapquery,OU=ldap,OU=services,OU=department1,DC=my,DC=company,DC=com"
Password "XXXXXXXXXXXXXXXXXXX"
Timeout 15
FollowReferrals yes
</LDAP>
<Authorization>
BaseDN "OU=department1,DC=my,DC=company,DC=com"
SearchFilter "(&(sAMAccountName=%u)(msNPAllowDialin=TRUE))"
RequireGroup false
<Group>
# Default is true. Match full user DN if true, uid only if false.
# RFC2307bis true
# Default is true. Uncomment and set to false if you want to use a Search operation to determine group
# membership instead of Compare. Lower performance, so Compare should generally be used, but Search is
# required in certain LDAP environments.
# UseCompareOperation true
BaseDN "ou=Groups,dc=example,dc=com"
SearchFilter "(|(cn=developers)(cn=artists))"
MemberAttribute uniqueMember
# Add group members to a PF table (disabled)
#PFTable ips_vpn_eng
</Group>
</Authorization>
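An added example (not part of the original post): a small check that matches the referral target named in the syslog line against the DC= suffix of every DN in the plugin config. It assumes the directory server issues the referral because a search base lies outside the partition it holds. The log line and DN lines are copied from the post; the function names are hypothetical.

```python
import re

# Sample input: the syslog line and the DN lines from the post above.
SYSLOG = ("openvpn: LDAP search failed: Referral (0000202B: RefErr: DSID-0310084A, "
          "data 0, 1 access points#012#011ref 1: 'example.com'#012)")
CONFIG = '''
<LDAP>
BindDN "CN=ldapquery,OU=ldap,OU=services,OU=department1,DC=my,DC=company,DC=com"
</LDAP>
<Authorization>
BaseDN "OU=department1,DC=my,DC=company,DC=com"
<Group>
# RFC2307bis true
BaseDN "ou=Groups,dc=example,dc=com"
</Group>
</Authorization>
'''

def dn_domain(dn):
    """Join the DC= components of a DN into a DNS-style domain name."""
    return ".".join(p.lower() for p in re.findall(r"(?i)(?:^|,)\s*dc=([^,]+)", dn))

def referral_targets(log_line):
    """Extract the "ref N: '<target>'" values from a referral error line."""
    return [t.lower() for t in re.findall(r"ref \d+: '([^']+)'", log_line)]

def config_dns(config):
    """Yield (location, DN) for each BindDN/BaseDN, tracking the enclosing sections."""
    stack = []
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and commented-out directives
        tag = re.fullmatch(r"<(/?)(\w+)>", line)
        if tag and tag.group(1):
            stack.pop()
        elif tag:
            stack.append(tag.group(2))
        elif m := re.match(r'(BaseDN|BindDN)\s+"?([^"]+)"?', line):
            yield "/".join(stack) + ":" + m.group(1), m.group(2)

def suspects(config, log_line):
    """Return config entries whose DC= suffix equals a referral target in the log."""
    targets = referral_targets(log_line)
    return [(loc, dn) for loc, dn in config_dns(config) if dn_domain(dn) in targets]

if __name__ == "__main__":
    for loc, dn in suspects(CONFIG, SYSLOG):
        print(f"{loc}: {dn} matches the referral target in the log")
```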