|
|
On Fri, 29 Apr 2005 clancyian@xxxxxx wrote: > I'm attempting to authenticate my OpenVPN users against an OpenLDAP > Directory using the openvpn-auth-pam plugin in addition to using > certificates. My OpenVPN server is running version 2.0_rc10 on RH7.2 and > my Windows Clients are using OpenVPN-GUI version 1.0 . The > 'auth-user-pass' parameter in the clients prompts the user for a username > and password. > The good news is that this setup actully works, the bad news is that it > only works once. After sucessfull authentication, if i disconnect the VPN > and try to connect again authentication will fail. The output below is > copied from the terminal of the OpenVPN Server. > > ----------- TERMINAL OUTPUT START ---------------------------- > > AUTH-PAM: BACKGROUND: USER/PASS: Administrator/secret > AUTH-PAM: BACKGROUND: my_conv[0] query='login: ' style=2 > AUTH-PAM: BACKGROUND: name match found, query/match-string ['login: ', > 'login'] = 'USERNAME' > AUTH-PAM: BACKGROUND: my_conv[0] query='Password: ' style=1 > AUTH-PAM: BACKGROUND: name match found, query/match-string ['Password: ', > 'password'] = 'PASSWORD' > AUTH-PAM: BACKGROUND: user 'Administrator' failed to authenticate: Error > in service module According to this, the openvpn-auth-pam module sent the U/P to the PAM module, and the PAM library responded with the error code "Error in service module". You would have to dig deeper to see why the PAM LDAP module is failing (openvpn-auth-pam is just a proxy here). James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |