|
|
Alon Bar-Lev wrote: > Nuno Marques wrote: > >> Hi, >> >> do anyone knows a way to verify that the common name in a certificate is >> equal to the username sent when prompted by the auth-user-pass-verify >> option? >> >> The only way I can think of is writing the username to a file in the >> auth-user-pass-verify script, and then having another script that knows >> the certificate details to compare both fields. But I don't know how to >> execute a script having the certificate details passed as an argument. >> Is it possible? >> >> TIA, >> >> Nuno Marques >> > > Hello, > > Maybe I don't understand... > > Why do you mix username and certificate? If you give a different > certificate for each user it should be sufficient. > > Best Regards, > Alon Bar-Lev. > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files > for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > https://lists.sourceforge.net/lists/listinfo/openvpn-users > Hi, I'm giving a different certificate to each user, and all the ceertificates have the correct username in them, but I also need the username/password to validate the user in the Active Directory, so it can happen that one user have one certificate with common name John Doe, but when asked for user/pass to perform validation in the AD puts Robert Doe. If the Robert Doe user exists in the AD and the password entered is correct, that user will login with an ID different of the one present in the certificate. Thanks, Nuno Marques -- Nuno Marques <nmarques@xxxxxxxxxxx> Administração de Sistemas DI-FCUL Faculdade de Ciências da Universidade de Lisboa Campo Grande - Edificio C6 - Piso 3 ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00043.html on line 245 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-02/msg00043.html on line 245 |