[kwlug-disc] OpenVPN with multiple servers
John Van Ostrand
john at netdirect.ca
Tue Dec 21 13:02:07 EST 2010
----- Original Message -----
> SearchFilter
> "(&(objectClass=mailUser)(accountStatus=active)(enabledService=vpn))"
>
> Change the "enabledService=vpn" to something like
> "enabledService=server-a-vpn" and "enabledService=server-b-vpn".
Incidentally, in OpenVPN's case (as in many other LDAP clients) a search filter is how authorization is often determined. It allows the admin to choose any attribute with which to grant access. In this case the directory entry has to have the "objectClass" of "mailUser" (which, now that I'm looking at seems like it may not fit everyone.) it also has to have the attribute of "accountStatus" set to the string "active" as well as the proper enabled service.
This is just a free form query that could look like anything. Think of an SQL query, this would be the WHERE clause.
--
John Van Ostrand
CTO, co-CEO
Net Direct Inc.
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6
Ph: 866-883-1172 x5102
Fx: 519-883-8533
Linux Solutions / IBM Hardware
More information about the kwlug-disc
mailing list