Active directory and user groups

Post by gondolin » Thu Jan 19, 2012 7:08 am

I have a working OpenVPN AS, but when I configure it through the web interface to use LDAP for authentication on a Windows 2008-R2, it works as long as I point it to an OU. When I change to a security group in an OU there are LDAP authentication errors.

Has anyone seen this kind of behaviour or this setup?

tx

Post by Mimiko » Wed Jan 25, 2012 8:09 pm

What errors do you see? If this is related to LDAP, would it be best to ask on an LDAP support forum?

Post by gondolin » Mon Jan 30, 2012 1:14 pm

LDAP exception on ldap://172.16.1.11/ (facility='search ('cn=ovpn,ou=vpn,ou=Users-Home,dc=xxx,dc=net', 2, '(sAMAccountName=xxx)')'): user not found: 

cn=ovpn is a group and the users are configured for that group.

Post by Mimiko » Tue Jan 31, 2012 7:49 am

As I thought, "user not found" is stating that OpenVPN invokes the connection to the LDAP server correctly and the LDAP server returns a normal response that the user does not exist. Check the LDAP DB to be sure that the user "ovpn" is really in ou=Users-Home.

Post by gondolin » Tue Jan 31, 2012 8:12 am

I think I'm doing something wrong here. ovpn is not a user but a group.
All my users are in the ou=Users-Home, and I create groups for each application with the necessary users.

According to the properties in the Windows LDAP, I must use the 'cn=ovpn,ou=vpn,ou=Users-Home,dc=xxx,dc=net'
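
The logged search uses scope 2 (subtree) with the group's DN as its base. As an added example that is not part of the original thread or of OpenVPN's code, this small in-memory model of a subtree search shows why that base returns no user, and how searching from the users' OU while also testing the user's memberOf attribute selects only group members. The dc=example,dc=net entries and the function names are constructed for illustration; the memberOf comparison reflects how Active Directory records direct group membership and was not posted in the thread.

```python
# Added example: minimal model of an LDAP subtree search (constructed data).

def norm(dn):
    """Split a DN into lowercase RDNs (escaped commas are not handled)."""
    return [rdn.strip().lower() for rdn in dn.split(",")]

def in_subtree(entry_dn, base_dn):
    """True if entry_dn is base_dn itself or lies beneath it (scope 2)."""
    entry, base = norm(entry_dn), norm(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

def matches(entry, conditions):
    """AND of (attribute, value) equality tests on multi-valued attributes."""
    for attr, wanted in conditions:
        values = [v.lower() for v in entry.get(attr, [])]
        if wanted.lower() not in values:
            return False
    return True

def search(directory, base_dn, conditions):
    """Return the DNs under base_dn whose attributes satisfy all conditions."""
    return [dn for dn, entry in directory.items()
            if in_subtree(dn, base_dn) and matches(entry, conditions)]

# Constructed sample directory: users live in the OU, the group is a separate
# object that lists members by DN. Users are NOT children of the group entry.
USERS_OU = "ou=Users-Home,dc=example,dc=net"
GROUP_DN = "cn=ovpn,ou=vpn," + USERS_OU
ALICE_DN = "cn=Alice," + USERS_OU
BOB_DN = "cn=Bob," + USERS_OU
DIRECTORY = {
    ALICE_DN: {"sAMAccountName": ["alice"], "memberOf": [GROUP_DN]},
    BOB_DN: {"sAMAccountName": ["bob"], "memberOf": []},
    GROUP_DN: {"sAMAccountName": ["ovpn"], "member": [ALICE_DN]},
}

def group_as_base(user):
    """The failing setup: search base is the group's DN."""
    return search(DIRECTORY, GROUP_DN, [("sAMAccountName", user)])

def ou_with_member_filter(user):
    """Base stays at the OU; group membership is an extra filter condition."""
    return search(DIRECTORY, USERS_OU,
                  [("sAMAccountName", user), ("memberOf", GROUP_DN)])

if __name__ == "__main__":
    print("group as base, alice:", group_as_base("alice"))
    print("OU + memberOf, alice:", ou_with_member_filter("alice"))
    print("OU + memberOf, bob:  ", ou_with_member_filter("bob"))
```

In LDAP filter syntax the second search corresponds to (&(sAMAccountName=alice)(memberOf=cn=ovpn,ou=vpn,ou=Users-Home,dc=example,dc=net)).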
