[Date Prev][Date Next] [Chronological] [Thread] [Top]

Users with multiple passwords?

To: openldap-technical@openldap.org
Subject: Users with multiple passwords?
From: dev <devuan.2@gmail.com>
Date: Thu, 3 Mar 2016 09:01:38 -0600
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:subject:to:message-id:date:user-agent:mime-version :content-transfer-encoding; bh=3W1UC7ULERF1MOZnsFvyu6P28LTTzabqny7HPx+mYmI=; b=vn3O7xhKL/z87JB9SEjpJht0yxbuVYwAIwmhVzJdb/xP14Dx3dq5cDfDePM+iZU1SW DbBIT05RMk88vZStKGTW0HcdF/vyNHrQ/7QEvQvZPcXe1zpiSbalxmiFuIVgBah1P+iP JwNCESrLGp3HTsiN6TFl3dD7JGX0Cro24yuiKllPfj/Ld2H2QAznrDv4oZ6hiyPFyVfD POzUtdivzTRtu0+e/6y0FVglig2EeSY8Df+mDmrWlnectWP8Cumio5l/lOkEtHAGO2us KICPb31cVLmiDCNxyED5dIokYrpwBtxySfyWXebYHbEkd2vloOlCoajMpC0UCNKWd6kn OZ5A==
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0

Hello All,

I have OpenLDAP (2.4.31-1+nmu2ubuntu8.2) setup to authenticate users onour LAN with ActiveDirectory using SASL passthrough.

I want to give some of these users access to VPN (OpenVPN) services(auth with the same OpenLDAP server above) however I want to give theman {SHA1} password to access the VPN.

I've created another OU (OU=vpnuser) and simply duplicated the entireuser entry into it. I have the VPN server using a searchbase of"OU=vpnuser.." and things are working as I want... sort of..

Some software on the LAN finds two users in ldap now so I explicitlyexclude OU=vpnuser from searchbases (!OU=vpnuser). ugh..

Is there a better way to accomplish what I am trying to do? Give thesame user two different passwords in the ldap tree?


Thanks

Follow-Ups:
- Re: Users with multiple passwords?
  - From: Cole <cole@opteqint.net>

Prev by Date: Antw: OpenLDAP 2.4x Syncrepl setup
Next by Date: ldapmodify hangs, slapd appears to be looping
Index(es):
- Chronological
- Thread