OpenVPN Username/Password authentication against an LDAP backend.
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
tests
.gitignore
Changelog
LICENSE.txt
Makefile.am
README
TODO
UPGRADE-from-0.0.X.txt
autogen.sh
configure.in

README

Dependencies:
-------------
libldap
libpthread
libtool

Installation:
-------------
aclocal
autoconf
libtoolize
automake --add-missing

./configure
make
make install

or

./autogen.sh
./configure
make
make install

Optionally, if you only ran make, you can copy the .so files
from src/.libs/

Configuration:
--------------

Grab the example configuration file: tests/config.conf

%u will be replaced by username

uri=ldap://192.168.9.135
search_filter=(uid=%u)
basedn=ou=users,dc=example,dc=com
binddn=cn=admin,dc=example,dc=com
bindpw=secret
version=3
#ssl=start_tls
#tls_reqcert=never
ssl=off
groupdn=ou=roles,dc=example,dc=com
group_search_filter=|(cn=vpn)(cn=sysadmins)
member_attribute=member

Default values are:
uri=ldap://localhost
basedn=ou=users,dc=example,dc=com
search_filter=(uid=%u)
ssl=off


In your openvpn config add:
plugin /etc/openvpn/ldap-auth/libopenvpn-ldap-auth.so -c /etc/openvpn/ldap-auth/ldap-auth.conf
also, setting:
tmp-dir /dev/shm

will help in case you do not run openvpn as root