Sina Owolabi via FreeIPA-users <freeipa-users@lists.fedorahosted.org>
writes:

> Yes I use PAM with openvpn to authenticate user clients
> "plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so login"
> I'm also running a HBAC controlled IPA environment but the rule for vpnusers
> is a --servicecat=all:
>
> Rule name: allowvpnusers
>   Service category: all
>   Enabled: TRUE
>   User Groups: vpnusers
>   Hosts: vpn.internaldom.com

You use the login configuration for PAM. Either use that service or
change the parameter to openvpn-plugin-auth-pam.so to openvpn.

Jochen

-- 
This space is intentionally left blank.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org

Reply via email to