Hi, On Wed, Feb 15, 2017 at 01:20:58PM +0000, debbie10t wrote: > I am curious if it is possible to auth a VPN user against > a windows account ? > > I do not know of any plugin for this, are there any ? > > My guess would be a script/batch file on the vpn server > which does some auth against windows server or AD.
Since user/pass authentication is always handled outside openvpn server
(plugin or --auth-user-pass-verify script) - yes, that would be the
way to go, and I see no reason why it shouldn't authenticate against
an AD.
I have not seen the necessary bits and pieces to do so - "something
from the samba (or openldap) suite" would likely be a good start point,
googling for how to make squid or apache authenticate against the AD.
Watchout that you don't try to build NTLM authentication :-) - this is
something people frequently do on their squid servers so people do not
have to enter credentials at all (since the browser can auto-submit
them) - but this would require client support that we do not have.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
