[strongSwan] Windows 10 DeviceTunnel and rightid via LDAP/AD or RADIUS?
stephan.hendl at landtag.brandenburg.de
Tue Jun 25 13:55:43 CEST 2019
We have set up a device tunnel as force tunnel with machine certificates in Windows 10 based on https://wiki.strongswan.org/projects/strongswan/wiki/Win7MultipleConfig with the following configuration:
rightid="DC=de, DC=company, OU=<some OU>, OU=computers, CN=*"
This works as expected, but all clients have to have certificates where the DN is part of the same LDAP tree ("DC=de, DC=company, OU=<some OU>, OU=computers, CN=*"). We use the device tunnel for starting the tunnel as soon as the network connection has been established. There should be no user interaction required.
Is there a possibility to extend the authorization with group membership coming from LDAP/AD or RADIUS?