OpenVPN certification management and LDAP/Active Directory based authorization scripts
License: GNU General Public License v3.0
Python 24.12%Shell 75.88%
openvpn-ldap-integration's Introduction
OpenVPN LDAP Integration README
This file only describes how to download, unpack and fix the accessory
files to enable the vpn_client program to create Windows installer
packages.
The README.DD-WRT file describes how to configure and create the
DD-WRT firmware images that contain an embedded VPN client and router.
See docs/config.html for how to setup your infrastructure to be able
to use these tools.
For more information about OpenVPN see:
http://openvpn.net/index.php/open-source/documentation/howto.html
*** Prepare Windows client package data ***
The program on Linux that creates the Windows installer is
makensis (part of the nsis package). This program reads in
a package definition file and then generates the installer based
on that definition file.
The actual files that are installed by the installer are made up
of two parts: the openvpn program itself, and the openvpn GUI
component that provides a task tray icon for easy connecting and
disconnecting.
- Relevant link:
http://www.xdevsoftware.com/blog/post/How-to-Install-the-Nullsoft-Installer---NSIS-on-Linux-.aspx
- Install 7zip
sudo apt-get install p7zip-full
- Get the source and installer package:
wget http://openvpn.net/release/openvpn-2.1_rc18.zip
wget http://openvpn.net/release/openvpn-2.1_rc18-install.exe
- Unpack archives:
unzip openvpn-2.1_rc18.zip
7z x openvpn-2.1_rc18-install.exe -oopenvpn-2.1_rc18-install/
- choose (u) for "A(u)to rename"
- In the source directory:
cd openvpn-2.1_rc18
sh install-win32/winconfig
touch install-win32/xguidefs.nsi
echo '!define OPENVPN_GUI_DEFINED' > install-win32/guidefs.nsi
- In the unpacked executable directory:
cd ../openvpn-2.1_rc18-install
mkdir install-win32 images lib text config
cp ../openvpn-2.1_rc18/autodefs/*.nsi install-win32/
cp ../openvpn-2.1_rc18/install-win32/*.nsi install-win32/
cp ../openvpn-2.1_rc18/images/install-whirl.bmp images/
mv sample-config samples
mv icon.ico images
mv bin/*.dll lib
mv *.txt text
mkdir -p {driver,tapinstall}/{i386,amd64}
mv bin/tapinstall.exe tapinstall/amd64/tapinstall.exe
mv bin/tapinstall_1.exe tapinstall/i386/tapinstall.exe
mv driver/OemWin2k.inf driver/amd64/OemWin2k.inf
mv driver/OemWin2k_1.inf driver/i386/OemWin2k.inf
mv driver/tap0901.sys driver/amd64/tap0901.sys
mv driver/tap0901_1.sys driver/i386/tap0901.sys
mv driver/tap0901.cat driver/amd64/tap0901.cat
mv driver/tap0901_1.cat driver/i386/tap0901.cat
cd install-win32
echo '!define SAMPCONF_DIR "config"' >> defs.nsi
echo '!define SAMPCONF_CONF "client.ovpn"' >> defs.nsi
echo '!define SAMPCONF_P12 "client.p12"' >> defs.nsi
echo '!define SAMPCONF_TA "ta.key"' >> defs.nsi
sed -i '/SHOWREADME.*INSTALL-win32.txt/{n;s/^/ !define MUI_FINISHPAGE_SHOWREADME_NOTCHECKED\n/;}' openvpn.nsi
- You can now delete the source directory and archives:
rm openvpn-2.1_rc18.zip openvpn-2.1_rc18-install.exe
rm -rf openvpn-2.1_rc18
*** Client installation prompts in Windows ***
If their is a client already install, stop it first: right click on
double computer icon (with red, yellow or green screens) in task tray
(lower right) and select "Exit".
- <Vista Only> User Account Control. An unidentified program wants
acces to your computer. ...
[-> Cancel] *[-> Allow]*
- <WinXP sometimes> Open File - Security Warning. The publisher could
not be verified. ...
*[Run]* [Cancel]
- Welcome to the OpenVPN 2.1_rc18 Setup Wizard. ...
*[Next >]* [Cancel]
- License Agreement. ...
[< Back] *[I Agree]* [Cancel]
- Choose components. ...
[< Back] *[Next >]* [Cancel]
- Choose Install Location. ...
[< Back] *[Install]* [Cancel]
- Hardware Installation. ... TAP-Win32 Adapter ...
*[Continue Anyway]* [STOP Installation]
- Installation Complete ...
*[Next >]*
- Completing the OpenVPN 2.1_rc4-gui-1.0.3 Setup Wizard. ...
*[Finish]*
- <Vista sometimes> Program Compatibility Assistant. This program
might not have installed correctly.
[Reinstall using recommended settings]
*[This program installed correctly]*
In Windows Vista there is an additional step you must do. Right click
on the "OpenVPN GUI" icon on the desktop and select "Properties".
In the "Shortcut" tab, select "Advanced...". The choose "Run as
administrator". Then click the "OK" buttons to save and close the
dialogs.
If you need to run this program as a user other than the user that you
used to install the program, there are some additional steps you need
to take.
*** Client installation on Windows as normal user (non-admin) ***
- Do a normal install, but unselect auto-start during install
- Right click "OpenVPN GUI" icon
- Under "Shortcut tab"
- Choose "Advanced..."
- Select "Run with different credentials"
- Select the "Security" tab
- Click "Add..."
- Type "Users" into the box labelled "Enter the object names to
select"
- Click "OK" and then "OK" again
- Copy desktop shortcut to all users desktop
- Right click "OpenVPN GUI" icon and choose "Cut"
- Right click start menu and choose, "Open All Users"
- Hit "Backspace" to go up one level
- Double-click on the Desktop folder
- Right-click on an empty space and select "Paste"
- Now when you run it as any user, you will be prompted:
- Select "The following user:"
- Enter a user name and password with administrative access