GitHub - chantra/openvpn-ldap-auth: OpenVPN Username/Password authentication against an LDAP backend.

3 Branches 6 Tags

Name	Name	Last commit message	Last commit date
Latest commit chantra allow_core_files do not need to be global Sep 21, 2011 c21bce6 · Sep 21, 2011 History 89 Commits
src	src	allow_core_files do not need to be global	Sep 21, 2011
tests	tests	Adding some docs on 0.0.X to 0.1.X upgrade	Aug 3, 2010
.gitignore	.gitignore	Adding config.h.in to .gitignore	Mar 6, 2011
Changelog	Changelog	updating changelog	Jul 26, 2011
LICENSE.txt	LICENSE.txt	License update	May 20, 2010
Makefile.am	Makefile.am	OpenVPN auth-ldap authentication now works	Oct 8, 2009
README	README	Updating README/UPGRADE DOC	Jul 11, 2011
TODO	TODO	Handle default_pf_rules profile option	Jul 30, 2010
UPGRADE-from-0.0.X.txt	UPGRADE-from-0.0.X.txt	Updating README/UPGRADE DOC	Jul 11, 2011
autogen.sh	autogen.sh	Version 0.0.3	May 11, 2010
configure.in	configure.in	Really allowing core generation	Sep 21, 2011

Repository files navigation

Dependencies:
-------------
libldap
libpthread
libtool

Installation:
-------------
aclocal
autoconf
libtoolize
automake --add-missing

./configure
make
make install

or

./autogen.sh
./configure
make
make install

Optionally, if you only ran make, you can copy the .so files
from src/.libs/

Configuration:
--------------

Grab the example configuration file: tests/config.conf

%u will be replaced by username

uri=ldap://192.168.9.135
search_filter=(uid=%u)
basedn=ou=users,dc=example,dc=com
binddn=cn=admin,dc=example,dc=com
bindpw=secret
version=3
#ssl=start_tls
#tls_reqcert=never
ssl=off
groupdn=ou=roles,dc=example,dc=com
group_search_filter=|(cn=vpn)(cn=sysadmins)
member_attribute=member

Default values are:
uri=ldap://localhost
basedn=ou=users,dc=example,dc=com
search_filter=(uid=%u)
ssl=off


In your openvpn config add:
plugin /etc/openvpn/ldap-auth/libopenvpn-ldap-auth.so -c /etc/openvpn/ldap-auth/ldap-auth.conf
also, setting:
tmp-dir /dev/shm

will help in case you do not run openvpn as root