[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Users with multiple passwords?
- To: openldap-technical@openldap.org
- Subject: Users with multiple passwords?
- From: dev <devuan.2@gmail.com>
- Date: Thu, 3 Mar 2016 09:01:38 -0600
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:subject:to:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=3W1UC7ULERF1MOZnsFvyu6P28LTTzabqny7HPx+mYmI=; b=vn3O7xhKL/z87JB9SEjpJht0yxbuVYwAIwmhVzJdb/xP14Dx3dq5cDfDePM+iZU1SW DbBIT05RMk88vZStKGTW0HcdF/vyNHrQ/7QEvQvZPcXe1zpiSbalxmiFuIVgBah1P+iP JwNCESrLGp3HTsiN6TFl3dD7JGX0Cro24yuiKllPfj/Ld2H2QAznrDv4oZ6hiyPFyVfD POzUtdivzTRtu0+e/6y0FVglig2EeSY8Df+mDmrWlnectWP8Cumio5l/lOkEtHAGO2us KICPb31cVLmiDCNxyED5dIokYrpwBtxySfyWXebYHbEkd2vloOlCoajMpC0UCNKWd6kn OZ5A==
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
Hello All,
I have OpenLDAP (2.4.31-1+nmu2ubuntu8.2) setup to authenticate users on
our LAN with ActiveDirectory using SASL passthrough.
I want to give some of these users access to VPN (OpenVPN) services
(auth with the same OpenLDAP server above) however I want to give them
an {SHA1} password to access the VPN.
I've created another OU (OU=vpnuser) and simply duplicated the entire
user entry into it. I have the VPN server using a searchbase of
"OU=vpnuser.." and things are working as I want... sort of..
Some software on the LAN finds two users in ldap now so I explicitly
exclude OU=vpnuser from searchbases (!OU=vpnuser). ugh..
Is there a better way to accomplish what I am trying to do? Give the
same user two different passwords in the ldap tree?
Thanks