[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Users with multiple passwords?



Hi,

You could use a filter to restrict the responses returned to the VPN
server based on the IP address of the server performing the query?

Regards
/Cole

On 3 March 2016 at 17:01, dev <devuan.2@gmail.com> wrote:
> Hello All,
> I have OpenLDAP (2.4.31-1+nmu2ubuntu8.2) setup to authenticate users on our
> LAN with ActiveDirectory using SASL passthrough.
>
> I want to give some of these users access to VPN (OpenVPN) services (auth
> with the same OpenLDAP server above) however I want to give them an {SHA1}
> password to access the VPN.
>
> I've created another OU (OU=vpnuser) and simply duplicated the entire user
> entry into it. I have the VPN server using a searchbase of "OU=vpnuser.."
> and things are working as I want... sort of..
>
> Some software on the LAN finds two users in ldap now so I explicitly exclude
> OU=vpnuser from searchbases (!OU=vpnuser). ugh..
>
> Is there a better way to accomplish what I am trying to do? Give the same
> user two different passwords in the ldap tree?
>
> Thanks
>
>
>