Setup OpenVPN Access Server LDAP Authentication

#OpenVPN #AccessServer #LDAP

Full steps can be found at https://i12bretro.github.io/tutorials/0207.html

1. Log into OpenVPN Access Server
2. Click Authentication ≫ LDAP in the left navigation menu
3. Click the Use these credentials toggle to Yes
4. Fill in the LDAP configuration form as follows: LDAP host: i12bretro.local Base DN: CN=Users,DC=i12bretro,DC=local Username Attribute: sAMAccountName Bind DN: readonly_svc@i12bretro.local Additional LDAP Requirements: memberOf=CN=VPN Users, CN=Users, DC=i12bretro, DC=local
5. Click the Save Settings button
6. Click User Management ≫ User Permissions in the left navigation
7. Create a new username matching an LDAP user name and click the Admin checkbox
8. Click the Save Settings button
9. Go back to Authentication ≫ LDAP in the left navigation menu
10. Click the Use LDAP button
11. Click the Update Running Server button
12. Click Logout at the bottom of the left navigation
13. Log back in with the newly created user and their Active Directory password

Note: If LDAP authentication fails, revert back to local authentication using the following commands:

cd /usr/local/openvpn_as/scripts

./sacli --key "auth.module.type" --value="local" ConfigPut

./scali start

If you ever mess up the OpenVPN AS configuration beyond repair, run the following command to reset the configuration back to defaults and try again:

ovpn-init --force

Connect with me and others

Discord: https://discord.com/invite/EzenvmSHW8 ... https://www.youtube.com/watch?v=5MnVj-U6jUQ