Author Topic: LDAP auth  (Read 11239 times)
maxxer
« on: Saturday 16 October 2010, 02:29:46 am »

Hi
I am following the kb article to enable LDAP auth, but I'm not succeeding. I'm using Zimbra as LDAP server, and my /var/efw/openvpn/settings looks like:

Code:
AUTHENTICATION_STACK=ldap,local
AUTH_TYPE=psk
CLIENT_TO_CLIENT=on
DOMAIN=mydomain.it
DROP_DHCP=
GLOBAL_DNS=10.22.22.1
LDAP_BIND_DN=cn=uid=zimbra,cn=admins,cn=zimbra
LDAP_BIND_PASSWORD=ldappwd
LDAP_GROUP_BASEDN=ou=groups,dc=mydomain,dc=it
LDAP_GROUP_MEMBERATTRIBUTE=uniqueMember
LDAP_GROUP_SEARCHFILTER=(|(cn=vpn))
LDAP_REQUIRE_GROUP=on
LDAP_URI=ldap://zimbraserver
LDAP_USER_BASEDN=ou=people,dc=mydomain,dc=it
LDAP_USER_SEARCHFILTER=(&(uid=%(u)s))
OPENVPN_ENABLED=on
OPENVPN_PORT=41194
PURPLECLIENT_BEGIN_DEVICE=tap2
PURPLE_DEVICE=tap0
PURPLE_IP_BEGIN=10.22.22.231
PURPLE_IP_END=10.22.22.240
PUSH_DOMAIN=
PUSH_GLOBAL_DNS=
PUSH_GLOBAL_NETWORKS=
I don't need much filtering as in the example, so I stripped out some options. I just need users to be in the vpn group.

Anything wrong?
thanks
maxxer
« Reply #1 on: Sunday 17 October 2010, 08:44:34 am »

OK, this is the right config:

Code:
LDAP_BIND_DN=uid=zimbra,cn=admins,cn=zimbra
LDAP_BIND_PASSWORD=MYLDAPPASS
LDAP_GROUP_BASEDN=ou=groups,dc=MYDOMAIN,dc=it
LDAP_GROUP_MEMBERATTRIBUTE=memberUid
LDAP_GROUP_SEARCHFILTER=(|(cn=vpn))
LDAP_REQUIRE_GROUP=on
LDAP_URI=ldap://MYZIMBRASERV
LDAP_USER_BASEDN=ou=people,dc=MYDOMAIN,dc=it
LDAP_USER_SEARCHFILTER=(&(uid=%(u)s))
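
Compared with the first post, the reply changes two LDAP lines: LDAP_BIND_DN loses the leading "cn=" and LDAP_GROUP_MEMBERATTRIBUTE goes from uniqueMember to memberUid. The check below is an added example, not part of the original posts and not Endian's code; it lints a settings file for both mistakes. The function names and the sample group entry are assumptions made for illustration.

```python
import re

# Constructed sample: the two LDAP keys that differ between the first post and the reply.
FIRST_POST = """\
LDAP_BIND_DN=cn=uid=zimbra,cn=admins,cn=zimbra
LDAP_GROUP_MEMBERATTRIBUTE=uniqueMember
"""
REPLY = """\
LDAP_BIND_DN=uid=zimbra,cn=admins,cn=zimbra
LDAP_GROUP_MEMBERATTRIBUTE=memberUid
"""
# Constructed group entry (assumption): a "vpn" group that lists bare login names.
VPN_GROUP = {"cn": ["vpn"], "memberUid": ["alice", "bob"]}


def parse_settings(text):
    """Parse KEY=VALUE lines; split on the first '=' only, since DNs and filters contain '='."""
    pairs = (line.split("=", 1) for line in text.splitlines() if "=" in line)
    return {k.strip(): v.strip() for k, v in pairs}


def split_rdns(dn):
    """Split a DN on commas not preceded by a backslash (simple split, enough for a lint)."""
    return [r.strip() for r in re.split(r"(?<!\\),", dn) if r.strip()]


def lint(settings, group_entry):
    """Return findings for the bind DN and the group member attribute."""
    findings = []
    for rdn in split_rdns(settings.get("LDAP_BIND_DN", "")):
        _, _, value = rdn.partition("=")
        # A value that itself starts with "type=" may still parse as a DN,
        # but it is almost always a paste mistake such as cn=uid=zimbra.
        if re.match(r"[A-Za-z][A-Za-z0-9-]*=", value):
            findings.append(f"LDAP_BIND_DN: RDN '{rdn}' has a doubled attribute type")
    attr = settings.get("LDAP_GROUP_MEMBERATTRIBUTE", "")
    # Attribute names are case-insensitive in LDAP, so compare lowercased.
    if attr.lower() not in {k.lower() for k in group_entry}:
        findings.append(f"LDAP_GROUP_MEMBERATTRIBUTE: group entry has no '{attr}' attribute")
    return findings


if __name__ == "__main__":
    for name, text in (("first post", FIRST_POST), ("reply", REPLY)):
        print(name, lint(parse_settings(text), VPN_GROUP) or "no findings")
```

To use it against a real directory, replace VPN_GROUP with the attributes of the actual group entry as returned by an LDAP search on LDAP_GROUP_BASEDN.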