[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Users with multiple passwords?
- To: dev <devuan.2@gmail.com>
- Subject: Re: Users with multiple passwords?
- From: Cole <cole@opteqint.net>
- Date: Thu, 3 Mar 2016 22:06:36 +0200
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=opteqint-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=6uw4D8/+uAZueoFu3Gj5roLYnWy/nuoIjZE5N3SEOZo=; b=QKjZRBYlvoYqEDYAbDbqWnSK4pn842UdF67Q3XTFrDoP8TwLkEEEWzt47tdU4w2Vsw MbFRc5A04F0jokn8F/J3awmFJBh7yHMpeuc7usA6VSrzJtMUnBNZRH9Y8PK6l0qJY7v9 230eCPynv5Iwd3caRQSV1tj2S5vPRWgNe6cf9DNJL35erMJRFF75on7iM5p9niWFHgGn xd9wObQ6pxm6BULSp4+i+7lvq5Sg9pjQx5kMlr9AoPjSnNsaZWx0pQYwc6NGMCJiRiuE NV4OZSlqbD2gSRkW8pdX8hulm2Dh1SxV5hDvcs0HLFzrwWc0RxHl5s2wA7+DBRaQUINL 6CCg==
- In-reply-to: <56D851D2.6080801@gmail.com>
- References: <56D851D2.6080801@gmail.com>
Hi,
You could use a filter to restrict the responses returned to the VPN
server based on the IP address of the server performing the query?
Regards
/Cole
On 3 March 2016 at 17:01, dev <devuan.2@gmail.com> wrote:
> Hello All,
> I have OpenLDAP (2.4.31-1+nmu2ubuntu8.2) setup to authenticate users on our
> LAN with ActiveDirectory using SASL passthrough.
>
> I want to give some of these users access to VPN (OpenVPN) services (auth
> with the same OpenLDAP server above) however I want to give them an {SHA1}
> password to access the VPN.
>
> I've created another OU (OU=vpnuser) and simply duplicated the entire user
> entry into it. I have the VPN server using a searchbase of "OU=vpnuser.."
> and things are working as I want... sort of..
>
> Some software on the LAN finds two users in ldap now so I explicitly exclude
> OU=vpnuser from searchbases (!OU=vpnuser). ugh..
>
> Is there a better way to accomplish what I am trying to do? Give the same
> user two different passwords in the ldap tree?
>
> Thanks
>
>
>