Score:1

OpenVPN LDAP configuration


I have installed OpenVPN and I have configured LDAP with Microsoft Active Directory. Everything is OK. But now I want to set up an encrypted connection to this Active Directory server. When I turn on TLS on the ovpn server, it doesn't work. What do I need to set up on the ovpn server and AD, please? I didn't find any tutorial.

Thank you very much

<LDAP>
# LDAP server URL
URL       ldap://ad.xxxxxx.eu    
# Bind DN (If your LDAP server doesn't support anonymous binds)
BindDN  [email protected]
# Bind Password
Password  "xxxxx"
# Network timeout (in seconds)
Timeout   15
# Enable Start TLS
TLSEnable no
# Follow LDAP Referrals (anonymously)
FollowReferrals no
# TLS CA Certificate File
#TLSCACertFile /root/ldaps.cer
# TLS CA Certificate Directory
#TLSCACertDir  /root/

# Client Certificate and key
# If TLS client authentication is required
#TLSCertFile        /root/cert1.cer
#TLSKeyFile /etc/openvpn/server/ovpn_AD.key
</LDAP>

This config is good, everything is fine. But when I add the certificate and turn on TLS, authentication is not working...

Score:0

Make sure your domain controllers have a certificate installed whose CN matches the URL you are using in your configuration.

Enable TLS (STARTTLS)

And make sure your openvpn server trusts this certificate by also providing it or the appropriate intermediate/root certificate to the openvpn server.

Find some useful practices for troubleshooting LDAP with STARTTLS on AD here: https://active-directory-wp.com/docs/Networking/Encryption_with_TLS.html
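The two checks named in the answer above (the certificate matches the host name in the URL, and its issuing CA is trusted) can be tested from the OpenVPN server independently of the plugin. This is an added example, not part of the original answer or of openvpn-auth-ldap; the function names are hypothetical, and the host and CA file you pass in are your own values.

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)


def starttls_request(msg_id=1):
    """BER-encode an LDAP ExtendedRequest asking the server to start TLS."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    ext = b"\x77" + bytes([len(name)]) + name                   # [APPLICATION 23]
    body = b"\x02\x01" + bytes([msg_id]) + ext                  # messageID + request
    return b"\x30" + bytes([len(body)]) + body


def _tlv(buf, pos):
    """Read one BER tag/length at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length, which Active Directory uses in replies
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length


def starttls_result(resp):
    """Return the LDAP resultCode of an ExtendedResponse (0 means success)."""
    _, start, _ = _tlv(resp, 0)           # LDAPMessage SEQUENCE
    _, _, id_end = _tlv(resp, start)      # messageID
    tag, start, _ = _tlv(resp, id_end)    # protocolOp
    if tag != 0x78:                       # [APPLICATION 24] ExtendedResponse
        raise ValueError(f"unexpected protocolOp tag {tag:#x}")
    _, val, end = _tlv(resp, start)       # resultCode ENUMERATED
    return int.from_bytes(resp[val:end], "big")


def check_starttls(host, ca_file, port=389, timeout=15):
    """Upgrade a plain LDAP connection with StartTLS, verifying CA and host name."""
    ctx = ssl.create_default_context(cafile=ca_file)  # trust only this CA file
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(starttls_request())
        code = starttls_result(sock.recv(4096))
        if code != 0:
            raise RuntimeError(f"server refused StartTLS, resultCode={code}")
        # Raises ssl.SSLCertVerificationError if the chain does not lead to
        # ca_file or the certificate does not match `host`.
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["subject"], tls.version()
```

Call `check_starttls()` with the host name from the `URL` line and a PEM copy of the CA certificate; the exception text tells you whether the server refused StartTLS, the chain is untrusted, or the name does not match.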
