Skip to content

OpenVPN Username/Password authentication against an LDAP backend.

License

Notifications You must be signed in to change notification settings

chantra/openvpn-ldap-auth

Repository files navigation

Dependencies:
-------------
libldap
libpthread
libtool

Installation:
-------------
aclocal
autoconf
libtoolize
automake --add-missing

./configure
make
make install

or

./autogen.sh
./configure
make
make install

Optionally, if you only ran make, you can copy the .so files
from src/.libs/

Configuration:
--------------

Grab the example configuration file: tests/config.conf

%u will be replaced by username

uri=ldap://192.168.9.135
search_filter=(uid=%u)
basedn=ou=users,dc=example,dc=com
binddn=cn=admin,dc=example,dc=com
bindpw=secret
version=3
#ssl=start_tls
#tls_reqcert=never
ssl=off
groupdn=ou=roles,dc=example,dc=com
group_search_filter=|(cn=vpn)(cn=sysadmins)
member_attribute=member

Default values are:
uri=ldap://localhost
basedn=ou=users,dc=example,dc=com
search_filter=(uid=%u)
ssl=off


In your openvpn config add:
plugin /etc/openvpn/ldap-auth/libopenvpn-ldap-auth.so -c /etc/openvpn/ldap-auth/ldap-auth.conf
also, setting:
tmp-dir /dev/shm

will help in case you do not run openvpn as root

About

OpenVPN Username/Password authentication against an LDAP backend.

Resources

License

Stars

Watchers

Forks

Packages

No packages published