
Users with multiple passwords?



Hello All,
I have OpenLDAP (2.4.31-1+nmu2ubuntu8.2) set up to authenticate users on our LAN with Active Directory using SASL passthrough.

I want to give some of these users access to VPN (OpenVPN) services (auth with the same OpenLDAP server above); however, I want to give them an {SHA1} password to access the VPN.

I've created another OU (OU=vpnuser) and simply duplicated the entire user entry into it. I have the VPN server using a searchbase of "OU=vpnuser.." and things are working as I want... sort of..

Some software on the LAN finds two users in LDAP now, so I explicitly exclude OU=vpnuser from searchbases (!OU=vpnuser). ugh..

Is there a better way to accomplish what I am trying to do? Give the same user two different passwords in the LDAP tree?

Thanks