[eduVPN-deploy] LDAP authentication, LDAP ACL

François Kooman fkooman at tuxed.net
Fri Nov 24 20:00:41 CET 2017


On 11/23/2017 11:26 AM, François Kooman wrote:
> So far I only tested it with Red Hat Directory Server, it would be 
> helpful to get some more testing results with different LDAP
> servers, e.g. AD or OpenLDAP.

I have now also tested with FreeIPA [3]. Works fine as well! In order to
retrieve the list of groups the user is a member of, a "bind" is needed,
so that's also implemented now in vpn-server-api (see earlier mail about
vpn-server-api 1.1.1). I'm pretty sure MSAD does not work currently as
there may be the need to implement a "search" to find the user's DN
based on the login name first before binding with it to authenticate the
user... If anyone has any clue about this, please let me know :)

The LDAP configuration documentation [1,2] was also updated.

Cheers,
François

[1] https://github.com/eduvpn/documentation/blob/master/LDAP.md
[2] https://github.com/eduvpn/documentation/blob/master/ACL.md#ldapprovider
[3] https://www.freeipa.org/
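
The two ways of obtaining the bind DN mentioned in this message (deriving it directly from the login name, or searching for it first), as an added Python example that is not eduVPN or vpn-server-api code. The function names, templates and sample logins are assumptions constructed for illustration; the LDAP search and bind calls themselves are left to the client library. In both cases the login name is untrusted input and is escaped for the context it lands in.

```python
# Added illustration, not eduVPN code; names, templates and logins are constructed.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a value placed inside an LDAP search filter (RFC 4515)."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def escape_dn_value(value: str) -> str:
    """Escape an attribute value placed inside a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\' or (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def direct_bind_dn(template: str, login: str) -> str:
    """Approach 1: build the bind DN straight from the login name."""
    return template.replace("{login}", escape_dn_value(login))


def user_search_filter(template: str, login: str) -> str:
    """Approach 2, step 1: filter for the search that locates the user's DN."""
    return template.replace("{login}", escape_filter_value(login))


def select_bind_dn(found_dns):
    """Approach 2, step 2: bind only when the search matched exactly one entry."""
    return found_dns[0] if len(found_dns) == 1 else None


if __name__ == "__main__":
    dn_template = "uid={login},cn=users,cn=accounts,dc=example,dc=org"  # constructed
    ad_filter = "(sAMAccountName={login})"  # constructed
    print(direct_bind_dn(dn_template, "alice"))
    print(user_search_filter(ad_filter, "al*"))
    print(select_bind_dn(["CN=Alice,OU=Staff,DC=example,DC=org"]))
```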


