I am attempting to configure OpenVPN to use openldap to authenticate our Active Directory users who are a member of our VPN group in AD. Here is my ldap config for OpenVPN. Specifically I need the filter string to allow enabled users who are a member of the _VPN group. The one you see below is from an example script I found that explains how to configure LDAP for openvpn.
SearchFilter "(&(objectClass=mailUser)(accountStatus=active)(enabledService=vpn))"
Any help is appreciated!
<LDAP> # LDAP server URL URL ldap://172.16.1.70
# Bind DN (If your LDAP server doesn't support anonymous binds) BindDN CN=ldapusername,OU=LDAP,DC=example,DC=local # Bind Password cn=vmail password Password *******
# Network timeout (in seconds) Timeout 15
</LDAP>
<Authorization> # Base DN BaseDN "dc=example,dc=local" # User Search Filter SearchFilter "(&(objectClass=mailUser)(accountStatus=active)(enabledService=vpn))" # Require Group Membership RequireGroup false </Authorization>
Josh Cole Network and Systems Engineer Fresno Pacific University (559) 453-3414