Tutorial: Finding the User Configuration for Authentication Modes
Where is your user configuration stored for Access Server, based on the authentication method?
Overview
The user configuration is stored differently depending on your authentication mode. This tutorial helps you determine where to find user and group properties.
An installed Access Server.
End user accounts.
Sign in to your Admin Web UI.
The Status page displays.
Take note of the default authentication mode displayed under Server Details > Default authentication system.
Take note of the additional authentication modes allowed under Server Details > Accepting authentication on.
To check group-level authentication methods, click Groups and take note of the method under Authentication.
To check user-level authentication methods, click Users and click the username. The method displays under Authentication > Auth method.
Now that you know your authentication method(s) refer to the section or sections below that apply to you.
Local
Access Server stores user and group properties in this file: /usr/local/openvpn_as/etc/db/userprop.db. For more details about how Access Server stores user passwords, refer to this tutorial: Tutorial: Manage the Local Authentication Method from the Command-Line Interface.
LDAP, RADIUS, and SAML
For LDAP, RADIUS, or SAML authentication modes, user credentials aren’t stored in Access Server but in the external systems.
PAM
For PAM authentication mode, Access Server stores the passwords in the operating system. When creating backups of the configuration files, be aware that the commands below won’t back up these passwords. If you migrate your server to a new one, you must reset user passwords for PAM authentication.