Integrate Active Directory with OpenVPN Access Server

REDspace works with several high-profile clients. As a result, the company handles a lot of secure information. For several years, the company invested in a Windows-based VPN server solution. The solution was not customizable, and it could not be integrated with their Active Directory — which meant there was no easy way to manage the individual users on their team of 200 employees. The company needed a different solution, and they identified three key features that the new solution needed:

• Customizable
• Active Directory Integration
• Oversight Capabilities

The company decided to use Access Server — a flexible business VPN solution that is customizable, integratable, and provides oversight capabilities. REDspace was able to configure OpenVPN Access Server using LDAP to integrate with their Active Directory for authentication. With the new solution, they can:

• encrypt with SSL to ensure a secure link between Access Server and the Active Directory server
• configure rules for different Active Directory groups (for example: only allow one AD group to use the VPN while other groups are blocked)
• allow only specific Active Directory users to log in to the VPN

After configuring, they were able to apply specific settings to their users which gave the company’s team the ability to view and manage its connected users to the level that they desired. They are able to enforce least privilege: the practice of limiting access rights for users to the bare minimum they need to perform their work. Now the employees can use the VPN to access internal services — but the company is still able to control who has access to internal resources. With fewer people accessing the different resources, the company margin of error has become much smaller as well.