[Samba] OpenPVN authentication via Samba AD
Marco Shmerykowsky
marco at sce-engineers.com
Tue Sep 1 17:07:30 UTC 2020
A little off topic, but this does revolve around
Samaba.
I'm hoping someone can help me get to a working aolution.
I haven't been able to find a clear quide, but it must
have been done by others.
I'm trying to use setup a VPN using OpenVPN on Pfsense
with authentication via my Samba AD (Version 4.9.4-Debian)
I keep getting a "Could not connect to LDAP server" error
when tying to configure the authentication server. When
I try to test the server I get a "Attempting to fetch Organizational
Units from XXXX failed" error.
The "button" in the gui that allows for "selecting a container"
for setting the authentication container doesn't work so
I set it manually (CN=users;DC=internal,DC=company,DC=com)
I've copied the ca.pem, cert.pem and key.pem files over to
pfsense to create the certificates.
The authentication server is set to type "LDAP" using a
transport of "TCP - standard" and a port of 389. The
Peer Certificate Authority uses the cert created from
importing ca.pem. The client certificate uses the cert
created from importing cert.pem and key.pem.
The base DN is correct (DN=internal,DN=company,DN=com).
The pfsense box can resolve the host name of the Samaba
machine (machine.internal.company.com).
I have it set to use anonymous binds.
Some kind of connection issue I gather with connecting
to the Samba internal LDAP server.
Can anyone please point me in the correct direction? Thanks.
--
Marco
marco at sce-engineers.com
More information about the samba
mailing list