ovpn-ad-sync/oas_configs/suppliesunlimited.com.ldap

<LDAP>
# LDAP server URL
URL ldap://192.168.1.22:389

# Bind DN (If your LDAP server doesn't support anonymous binds)
#BindDN uid=Administrator,ou=Users,dc=Ma**,dc=li**.local
BindDN SYS_OpenVPN@SUPPLIES.LOCAL

# Bind Password
Password whatthefreak!

# Network timeout (in seconds)
Timeout 15

# Enable Start TLS
TLSEnable no

# Follow LDAP Referrals (anonymously)
FollowReferrals yes

# TLS CA Certificate File
# TLSCACertFile /usr/local/etc/ssl/ca.pem

# TLS CA Certificate Directory
#TLSCACertDir /etc/ssl/certs

# Client Certificate and key
# If TLS client authentication is required
# TLSCertFile /usr/local/etc/ssl/client-cert.pem
# TLSKeyFile /usr/local/etc/ssl/client-key.pem

# Cipher Suite
# The defaults are usually fine here
# TLSCipherSuite ALL:!ADH:@STRENGTH

</LDAP>

<Authorization>
# Base DN
#BaseDN "CN=Users,DC=test,DC=com"
BaseDN "CN=Users,DC=supplies,DC=local"

# User Search Filter
#SearchFilter "(&(uid=%u)(accountStatus=active))"
#SearchFilter "(&(sAMAccountName=%u)(msNPAllowDialin=TRUE))"
SearchFilter "(&(sAMAccountName=%u))"

# Require Group Membership
RequireGroup true

# Add non-group members to a PF table (disabled)
#PFTable ips_vpn_users

<Group>
BaseDN "cn=Users,dc=supplies,dc=local"
SearchFilter "(cn=OpenVPNUsers)"
MemberAttribute "member"
# Add group members to a PF table (disabled)
#PFTable ips_vpn_eng
</Group>
</Authorization>
push new templates 2014-12-03 13:53:32 -05:00			`<LDAP>`
			`# LDAP server URL`
			`URL ldap://192.168.1.22:389`

			`# Bind DN (If your LDAP server doesn't support anonymous binds)`
			`#BindDN uid=Administrator,ou=Users,dc=Ma,dc=li.local`
			`BindDN SYS_OpenVPN@SUPPLIES.LOCAL`

			`# Bind Password`
			`Password whatthefreak!`

			`# Network timeout (in seconds)`
			`Timeout 15`

			`# Enable Start TLS`
			`TLSEnable no`

			`# Follow LDAP Referrals (anonymously)`
			`FollowReferrals yes`

			`# TLS CA Certificate File`
			`# TLSCACertFile /usr/local/etc/ssl/ca.pem`

			`# TLS CA Certificate Directory`
			`#TLSCACertDir /etc/ssl/certs`

			`# Client Certificate and key`
			`# If TLS client authentication is required`
			`# TLSCertFile /usr/local/etc/ssl/client-cert.pem`
			`# TLSKeyFile /usr/local/etc/ssl/client-key.pem`

			`# Cipher Suite`
			`# The defaults are usually fine here`
			`# TLSCipherSuite ALL:!ADH:@STRENGTH`

			`</LDAP>`

			`<Authorization>`
			`# Base DN`
			`#BaseDN "CN=Users,DC=test,DC=com"`
			`BaseDN "CN=Users,DC=supplies,DC=local"`

			`# User Search Filter`
			`#SearchFilter "(&(uid=%u)(accountStatus=active))"`
			`#SearchFilter "(&(sAMAccountName=%u)(msNPAllowDialin=TRUE))"`
			`SearchFilter "(&(sAMAccountName=%u))"`

			`# Require Group Membership`
			`RequireGroup true`

			`# Add non-group members to a PF table (disabled)`
			`#PFTable ips_vpn_users`

			`<Group>`
			`BaseDN "cn=Users,dc=supplies,dc=local"`
			`SearchFilter "(cn=OpenVPNUsers)"`
			`MemberAttribute "member"`
			`# Add group members to a PF table (disabled)`
			`#PFTable ips_vpn_eng`
			`</Group>`
			`</Authorization>`