|
Title: auth-user-pass-verify: external program exited with error status: 1 OPENVPN LDAP Post by: ralves_r on Friday 15 May 2015, 02:52:07 am Failed running command (--auth-user-pass-verify): external program exited with error status: 1 - OPENVPN Authentication on LDAP
Hello , Recently made an update to the version of Endian Firewall 3.0devel to 3.0.5beta1 in my old version i activate OpenVPN authentication in active directory by following the guide Endian on site, in the new version this feature does not work correct, only local user connection work. see log: Wed May 13 16:46:25 2015 OpenVPN 2.3.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Mar 19 2015 Wed May 13 16:46:25 2015 library versions: OpenSSL 1.0.1m 19 Mar 2015, LZO 2.08 Wed May 13 16:46:25 2015 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340 Wed May 13 16:46:25 2015 Need hold release from management interface, waiting... Wed May 13 16:46:26 2015 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340 Wed May 13 16:46:26 2015 MANAGEMENT: CMD 'state on' Wed May 13 16:46:26 2015 MANAGEMENT: CMD 'log all on' Wed May 13 16:46:26 2015 MANAGEMENT: CMD 'hold off' Wed May 13 16:46:26 2015 MANAGEMENT: CMD 'hold release' Wed May 13 16:46:33 2015 MANAGEMENT: CMD 'username "Auth" "rodrigo.alves"' Wed May 13 16:46:33 2015 MANAGEMENT: CMD 'password [...]' Wed May 13 16:46:33 2015 Socket Buffers: R=[65536->65536] S=[64512->64512] Wed May 13 16:46:33 2015 UDPv4 link local: [undef] Wed May 13 16:46:33 2015 UDPv4 link remote: [AF_INET]myip:1194 Wed May 13 16:46:33 2015 MANAGEMENT: >STATE:1431546393,WAIT,,, Wed May 13 16:46:33 2015 MANAGEMENT: >STATE:1431546393,AUTH,,, Wed May 13 16:46:33 2015 TLS: Initial packet from [AF_INET]myip:1194, sid=ee9ed129 15a74f6b Wed May 13 16:46:33 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Wed May 13 16:46:33 2015 VERIFY OK: depth=1, C=IT, O=efw, CN=efw CA Wed May 13 16:46:33 2015 VERIFY OK: nsCertType=SERVER Wed May 13 16:46:33 2015 VERIFY OK: depth=0, C=AF, CN=myip Wed May 13 16:46:33 2015 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed May 13 16:46:33 2015 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed May 13 16:46:33 2015 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed May 13 16:46:33 2015 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed May 13 16:46:33 2015 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed May 13 16:46:33 2015 [myip] Peer Connection Initiated with [AF_INET]myip:1194 Wed May 13 16:46:34 2015 MANAGEMENT: >STATE:1431546394,GET_CONFIG,,, Wed May 13 16:46:35 2015 SENT CONTROL [myip]: 'PUSH_REQUEST' (status=1) Wed May 13 16:46:35 2015 AUTH: Received control message: AUTH_FAILED Wed May 13 16:46:35 2015 SIGUSR1[soft,auth-failure] received, process restarting Wed May 13 16:46:35 2015 MANAGEMENT: >STATE:1431546395,RECONNECTING,auth-failure,, Wed May 13 16:46:35 2015 Restart pause, 2 second(s) #configuration /var/efw/openvpn/settings AUTHENTICATION_STACK=ldap,local CA_FILENAME=cacert.pem CLIENT_TO_CLIENT=on LDAP_BIND_DN=cn=endian,cn=Users,dc=domain,dc=com,dc=br LDAP_BIND_PASSWORD=pass LDAP_URI=ldap://mylocalipAD LDAP_USER_BASEDN=cn=Users,dc=domain,dc=com,dc=br LDAP_USER_SEARCHFILTER=(&(objectCategory=person)(objectClass=user)(sAMAccountName=%(u)s)) OPENVPN_ENABLED=on User connect ok in option Proxy HTTP Authentication,NTLM connection and LDAP. Configuration OPENVPN Client: client dev tap proto udp remote myip 1194 resolv-retry infinite nobind persist-key persist-tun auth-user-pass ns-cert-type server ca cacert.pem verb 3 comp-lzo Title: Re: auth-user-pass-verify: external program exited with error status: 1 OPENVPN LDAP Post by: leotuxbr on Saturday 13 June 2015, 05:02:52 am have the same problem after update to 3.0.5 BETA1 WARNING: Failed running command (--auth-user-pass-verify): external program exited with error status: 1 Authentication Test: openvpn-auth -i Username: vpnuser Password: 2015-06-12 11:14:47,656 - openvpn-auth[22532] - INFO - User 'vpnuser' authenticated by module 'ldap'. What could be happening? Title: Re: auth-user-pass-verify: external program exited with error status: 1 OPENVPN LDAP Post by: borinid on Saturday 10 October 2015, 02:35:12 am i had the same problem, just change in /etc/openvpn/openvpn.conf.tmpl
from auth-user-pass-verify "/usr/bin/openvpn-auth-user-pass" via-env to auth-user-pass-verify "/usr/bin/openvpn-auth" via-file and then restart service. this will work. Title: Re: auth-user-pass-verify: external program exited with error status: 1 OPENVPN LDAP Post by: razvan666666 on Friday 10 February 2017, 10:49:27 pm Does anyone know how to integrate OpenVPN with LDAP on endian 3.2.2 community
Title: auth user pass verify external program exited with error status 1 OPENVPN LDAP Post by: Pefecluple on Wednesday 04 October 2017, 03:48:03 am Region : Others
Model : TL-ER604W Hardware Version : V1 Firmware Version : ISP : Cable & Wireless What MAC VPN client work with the TL-ER604W? |