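{# Template for the openvpn-auth-ldap plugin configuration.
   The plugin's format groups directives into <LDAP>, <Authorization> and a
   nested <Group> section; BaseDN and SearchFilter occur once for the user
   lookup and once for the group lookup.
   The rendered file holds the bind password in cleartext whenever
   openvpn_ldap_anon_bind is false: deploy it readable only by the account
   that runs OpenVPN, and keep openvpn_ldap_bindpwd in an encrypted
   variable store rather than in plain inventory. #}
<LDAP>
    # LDAP server URL
    URL {{ openvpn_ldap_url }}

{% if not openvpn_ldap_anon_bind %}
    # Bind DN (If your LDAP server doesn't support anonymous binds)
    BindDN "{{ openvpn_ldap_binddn }}"

    # Bind Password
    # NOTE(review): the value is interpolated unescaped; a password containing
    # a double quote presumably ends the string early -- confirm against the
    # plugin's parser.
    Password "{{ openvpn_ldap_bindpwd }}"
{% endif %}

    # Network timeout (in seconds)
    Timeout 15

{% if openvpn_ldap_starttls %}
    # Enable Start TLS
    TLSEnable yes
{% else %}
    # StartTLS is off. Unless the URL above uses ldaps://, the bind password
    # and the credentials of every VPN user are sent to the directory in
    # cleartext.
    TLSEnable no
{% endif %}

    # Follow LDAP Referrals (anonymously)
    # Referrals are chased without credentials, so they are only enabled
    # when the plugin itself binds anonymously.
{% if not openvpn_ldap_anon_bind %}
    FollowReferrals no
{% else %}
    FollowReferrals yes
{% endif %}

    # TLS CA Certificate File
    # This CA is what authenticates the directory server; it must be the
    # issuer of the server certificate, not a copy of that certificate
    # fetched from the server.
    TLSCACertFile {{ openvpn_ldap_ca }}

{% if openvpn_ldap_use_ca_dir %}
    # TLS CA Certificate Directory
    # Emitted as a live directive: the guard has no other purpose, and a
    # commented-out line made openvpn_ldap_use_ca_dir a silent no-op.
    TLSCACertDir {{ openvpn_ldap_ca_dir }}
{% endif %}

{% if openvpn_ldap_tls_auth %}
    # Client Certificate and key
    # If TLS client authentication is required
    # The key file is a credential; restrict its permissions like this file.
    TLSCertFile {{ openvpn_ldap_tls_cert }}
    TLSKeyFile {{ openvpn_ldap_tls_key }}
{% endif %}

    # Cipher Suite
    # The defaults are usually fine here
    #TLSCipherSuite {{ openvpn_ldap_tls_ciphersuite }}
</LDAP>

<Authorization>
    # Base DN
    BaseDN "{{ openvpn_ldap_base_dn }}"

    # User Search Filter
    # Keep the filter as narrow as the directory allows (for example an
    # account-status clause), since every entry it matches may authenticate.
    SearchFilter "{{ openvpn_ldap_user_search }}"

    # Require Group Membership
    # When this is false, any user matched by the filter above is admitted
    # to the VPN regardless of group.
    RequireGroup {{ openvpn_ldap_require_group }}

{% if openvpn_ldap_require_group %}
    # Add non-group members to a PF table (disabled)
    #PFTable ips_vpn_users

    <Group>
        BaseDN "{{ openvpn_ldap_group_base }}"
        SearchFilter "{{ openvpn_ldap_group_filter }}"
        RFC2307bis {{ openvpn_ldap_without_posix_groups }}
        MemberAttribute {{ openvpn_ldap_group_member_attr }}
        # Add group members to a PF table (disabled)
        #
        #PFTable ips_vpn_eng
    </Group>
{% endif %}
</Authorization>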