I struggled a little to have it working and though it would be nice to share it, and maybe have it improved by the community.
This post auth script does the following :
- Get the username of the connecting user from OpenVPN
- Perform an LDAP lookup for this user and retreive his GivenName and Email address
- Send an email to the user stating : the date and time of the connection, the public IP used, and when possible the Mac address of the client.
The hard part was that the Post Auth Script is called multiple times during a user connection, but each time with different parameters.
Moreover, the script parameters changes regarding the current user authentication method (ldap, Google Auth etc ...) and client type (Windows, Android ...).
So this code is not perfect, I'm not a developer and therefore this is not the best code you will see !
It has been written to fit my organization and will probably not apply to you straight away.
Has you have guessed, this script is mainly a security feature, this enable a user to know if its account has been hijacked.
Anyway, here is the script : http://pastebin.com/fqaqYEcJ
Please feel free to comment it. If make any improvements to it, please post your changes in this thread
Have fun !
Both users and developers can post their Howto guides in this section.
1 post • Page 1 of 1
- OpenVpn Newbie
- Posts: 1
- Joined: Fri May 23, 2014 3:06 pm