2012/2/28 Carsten Krüger <c.krue...@gmx.org>: >> * New OpenVPN-GUI > > Are there any chances to get full non-admin support for windows in version > 2.3 final? > > I mean strict seperation between OpenVPN service running with local system > privileges (can modify routes, etc.) and usermode part (command line, maybe > GUI) that > interacts with user (start/stop tunnel, ask for passphrase, pin for > smartcard, etc.). > > In companies that have security in mind it's impossible to allow > roadwarriors to connect via openvpn because they would need admin > privileges. > Give them only the privilege to start/stop the openvpn service didn't help > because they can't supply credentials. > > I'm complaining about this show stoppper for ~4 years :-( > > I personally like openvpn very much and would like to deploy it for > our users but I've to buy Cisco because the windows client is better.
This is *THE* missing functionality in Windows environment. It seems that nobody interested in developing proper UI using management interface for Windows. Same goes to proper smartcard support. In Linux I am using OpenVPN using unprivileged user (completely!) the daemon runs under my own user, see[1]. Alon. [1] http://en.gentoo-wiki.com/wiki/OpenVPN_Non_Root