Hi, On Sat, Apr 04, 2020 at 06:54:48AM -0600, The Doctor wrote: > > As soon as you have the TLS-Auth part sorted out - there is no > > authentication backend configured on the server, so it won't do > > LDAP or radius. As for "how to do this", there's many possible ways > > - you can use a plugin (plugin_auth_pam is a good start, and then > > pam_radius or pam_ldap), or a script (--auth-user-pass-verify, see > > the man page), ... > > pam has always been problematic even on SASl, hence why I avoid it.
Then have a good look at "--auth-user-pass-verify", which will call
a script with username+password provided, and the script can do whatever
you want to verify these - LDAP, Radius, ...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
