(Semi-)Fix for Auth4OpenVPN - Win2008R2 / Win2012R2
Posted: Sat Dec 20, 2014 7:43 pm
Hi!
I tried using Auth4OpenVPN for ADS authentication on a Window Server / Domain.
Auth4OpenVPN didn't work out of the Box for my 64bit Setup.
The crazy little thing - the script works fine when started in a cmd.exe shell
So I fooled around for a while, and came up with a solution.
The "auth-user-pass-verify" kills too much of the systems enviornment variables.
This variables have to survive, in order to make the COM/DCOM/OCX stuff that is used by Auth4OpenVPN
to work:
There the steps what you have to do:
1) get Auth4OpenVPN from https://sites.google.com/site/amigo4life2/openvpn
2) do the configuration to Auth4OpenVPN.ini (beyond this little tutorial)
3) create a batchfile in C:\Program Files\OpenVPN\config named "Auth4OpenVPN-64bitWrapper.cmd"
4) put the follwing content into that file (I assume standard windows installation C:\ drive and default directories)
5) put the following lines into server.ovpn
Conclusion:
- we have a working Auth4OpenVPN
- OpenVPN kills too much of the enviornment varables of Windows (well it's stupid OS because it depends on that stuff)
- security is horrible! everything depends on "exit 1" of a silly stupid dos batch file
- I suggest something a lot of better then this for production enviornment.
I tried using Auth4OpenVPN for ADS authentication on a Window Server / Domain.
Auth4OpenVPN didn't work out of the Box for my 64bit Setup.
The crazy little thing - the script works fine when started in a cmd.exe shell
So I fooled around for a while, and came up with a solution.
The "auth-user-pass-verify" kills too much of the systems enviornment variables.
This variables have to survive, in order to make the COM/DCOM/OCX stuff that is used by Auth4OpenVPN
to work:
Code: Select all
LOCALAPPDATA, CommonProgramFiles, CommonProgramFiles(x86), CommonProgramW6432
1) get Auth4OpenVPN from https://sites.google.com/site/amigo4life2/openvpn
2) do the configuration to Auth4OpenVPN.ini (beyond this little tutorial)
3) create a batchfile in C:\Program Files\OpenVPN\config named "Auth4OpenVPN-64bitWrapper.cmd"
4) put the follwing content into that file (I assume standard windows installation C:\ drive and default directories)
Code: Select all
set LOCALAPPDATA=C:\Users\%USERNAME%\AppData\Local
set CommonProgramFiles=C:\Program Files\Common Files
set CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
set CommonProgramW6432=C:\Program Files\Common Files
C:\Windows\System32\cscript.exe "C:\Program Files\OpenVPN\config\Auth4OpenVPN.vbs"
exit %errorlevel%
Code: Select all
script-security 3
auth-user-pass-verify Auth4OpenVPN-64bitWrapper.cmd via-env
- we have a working Auth4OpenVPN
- OpenVPN kills too much of the enviornment varables of Windows (well it's stupid OS because it depends on that stuff)
- security is horrible! everything depends on "exit 1" of a silly stupid dos batch file
- I suggest something a lot of better then this for production enviornment.