[Samba] OpenVPN authentication via Samba AD

Marco Shmerykowsky marco at sce-engineers.com
Tue Sep 1 17:07:30 UTC 2020

A little off topic, but this does revolve around

I'm hoping someone can help me get to a working solution.
I haven't been able to find a clear guide, but it must
have been done by others.

I'm trying to set up a VPN using OpenVPN on Pfsense
with authentication via my Samba AD (Version 4.9.4-Debian)

I keep getting a "Could not connect to LDAP server" error
when trying to configure the authentication server. When
I try to test the server I get an "Attempting to fetch Organizational
Units from XXXX failed" error.

The "button" in the gui that allows for "selecting a container"
for setting the authentication container doesn't work so
I set it manually (CN=users;DC=internal,DC=company,DC=com)

I've copied the ca.pem, cert.pem and key.pem files over to
pfsense to create the certificates.

The authentication server is set to type "LDAP" using a
transport of "TCP - standard" and a port of 389.  The
Peer Certificate Authority uses the cert created from
importing ca.pem.  The client certificate uses the cert
created from importing cert.pem and key.pem.

The base DN is correct (DN=internal,DN=company,DN=com).

The pfsense box can resolve the host name of the Samba
machine (machine.internal.company.com).

I have it set to use anonymous binds.

Some kind of connection issue I gather with connecting
to the Samba internal LDAP server.

Can anyone please point me in the correct direction? Thanks.

marco at sce-engineers.com
