0

I'm getting the following error (client side) when connecting to my OpenVPN server:

AUTH: Received AUTH_FAILED control message

and on the server I get thefollowing error message in teh openvpn logs:

AUTH-PAM: BACKGROUND: user 'myUsername' failed to authenticate: Module is unknown

The system was configured by another sysadmin (who is now gone) and I need to resolve this problem. So I'm not sure how this is configured, but I was told that our openvpn is authenticating against the active directory that we have using winbind.

We've recently moved our active directory server and so this is likely the problem.

So:

  1. How can I confirm that openvpn is using winbind to authenticate users against our active directory?
  2. If I've changed the location (ip address) of the active directory server, where would I need to look to update openvpn/winbind to make this work again?
  3. What other information do I need to look for or provide to debug this issue?
Alex Q
  • 135
  • 1
  • 8

1 Answers1

2

My coworker resolved this. The issue was that we had old data in the winbind cache. We cleared the cache at /var/lib/samba and /var/cache/samba then restarted winbind and everything is working again.

Alex Q
  • 135
  • 1
  • 8
  • Yes WinBIND is a POS. Check out this script it can help you push dynamic routes to your clients http://planetjoel.com/viewarticle/638/OpenVPN%3A+Dynamically+create+IPtables+rules+based+on+LDAP+group+membership – hellomynameisjoel Mar 02 '11 at 04:15