Sina Owolabi via FreeIPA-users <freeipa-users@lists.fedorahosted.org> writes:
> Yes I use PAM with openvpn to authenticate user clients > "plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so login" > I'm also running a HBAC controlled IPA environment but the rule for vpnusers > is a --servicecat=all: > > Rule name: allowvpnusers > Service category: all > Enabled: TRUE > User Groups: vpnusers > Hosts: vpn.internaldom.com You use the login configuration for PAM. Either use that service or change the parameter to openvpn-plugin-auth-pam.so to openvpn. Jochen -- This space is intentionally left blank. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org