# LDAP authentication settings for an OpenVPN server; the directive names match
# the openvpn-auth-ldap plugin's configuration format.
# NOTE(review): the LDAP / Authorization / Group section tags that this format
# normally wraps its directives in are not visible in this copy, presumably
# lost when the page was rendered. Confirm against the deployed file.

# LDAP server URL
# NOTE(review): ldap:// on port 389 is unencrypted, and TLSEnable is "no" below,
# so credentials sent in LDAP simple binds cross the network in clear text.
URL ldap://192.168.1.22:389

# Bind DN (If your LDAP server doesn't support anonymous binds)
#BindDN uid=Administrator,ou=Users,dc=Ma**,dc=li**.local
# The active bind identity is a dedicated account, not the Administrator entry
# above. Presumably it needs only read access to the user and group entries
# searched below; verify its directory rights.
BindDN SYS_OpenVPN@SUPPLIES.LOCAL

# Bind Password
# NOTE(review): the service-account password is stored in clear text here.
# Restrict read access on this file to the account that runs OpenVPN, and rotate
# the password if the file has been copied or published outside the host.
Password whatthefreak!

# Network timeout (in seconds)
Timeout 15

# Enable Start TLS
# NOTE(review): "no" leaves the connection to the directory unprotected.
# Enabling it also requires one of the CA settings below, which are currently
# commented out, so that the server certificate can be verified.
TLSEnable no

# Follow LDAP Referrals (anonymously)
# NOTE(review): with "yes" the client may contact servers that the directory
# names in a referral and that are not listed in this file. If the directory
# issues no referrals, "no" removes that path; confirm before changing.
FollowReferrals yes

# TLS CA Certificate File
# TLSCACertFile /usr/local/etc/ssl/ca.pem

# TLS CA Certificate Directory
#TLSCACertDir /etc/ssl/certs

# Client Certificate and key
# If TLS client authentication is required
# TLSCertFile /usr/local/etc/ssl/client-cert.pem
# TLSKeyFile /usr/local/etc/ssl/client-key.pem

# Cipher Suite
# The defaults are usually fine here
# TLSCipherSuite ALL:!ADH:@STRENGTH

# Base DN
#BaseDN "CN=Users,DC=test,DC=com"
# Subtree in which user accounts are looked up.
BaseDN "CN=Users,DC=supplies,DC=local"

# User Search Filter
#SearchFilter "(&(uid=%u)(accountStatus=active))"
#SearchFilter "(&(sAMAccountName=%u)(msNPAllowDialin=TRUE))"
# %u is replaced with the username supplied by the connecting client. The active
# filter matches on sAMAccountName alone (the dial-in condition above is
# commented out), so access control rests on the group requirement below.
# NOTE(review): verify that the installed plugin version escapes LDAP filter
# metacharacters in %u.
SearchFilter "(&(sAMAccountName=%u))"

# Require Group Membership
# "true" rejects users who are not members of the group matched below.
RequireGroup true

# Add non-group members to a PF table (disabled)
#PFTable ips_vpn_users

# Group lookup (the Group section in the usual layout): the entry named
# OpenVPNUsers under the same base DN, with membership read from "member".
# NOTE(review): presumably only direct members match; confirm if nested groups
# are in use.
BaseDN "cn=Users,dc=supplies,dc=local"
SearchFilter "(cn=OpenVPNUsers)"
MemberAttribute "member"
# Add group members to a PF table (disabled)
#PFTable ips_vpn_eng