Tutorial: Finding the User Configuration for Authentication Modes
Where is your user configuration stored for Access Server based on the authentication?
Overview
The user configuration is stored differently depending on your authentication mode. This tutorial helps you determine where to find user and group properties.
An installed Access Server.
End user accounts.
Sign in to your Admin Web UI.
Take note of the default authentication mode displayed on the Status Overview page under Authenticate users with.
Click User Management > Group Permissions.
You can check if any groups use a different auth method by clicking More Settings and checking if the Auth method is a selection other than Default.
Click User Management > User Permissions.
You can check if any users use a different auth method by clicking More Settings and checking if the Auth method is a selection other than Default.
Now that you know your authentication mode or if you're using more than one, refer to the section below that applies to you.
Local
Access Server stores user and group properties in this file: /usr/local/openvpn_as/etc/db/userprop.db. For more details about how Access Server stores user passwords, refer to this tutorial: Tutorial: Manage the Local Authentication Method from the Command-line Interface.
LDAP, RADIUS, and SAML
For LDAP, RADIUS, or SAML authentication modes, user credentials aren’t stored in Access Server but in the external systems.
PAM
For PAM authentication mode, Access Server stores the passwords in the operating system. When creating backups of the configuration files, be aware that the commands below won’t back up these passwords. If you migrate your server to a new server, you must set user passwords again for PAM authentication.