I'm setting up a VPN server for our office. We have AWS AD for user management and use AWS SSO for web services. My goal is to be able to manage VPN users through AD one way or another. Ideally, this would be achieved using Wireguard, but OpenVPN is also OK if Wireguard cannot be set up the way I want it.

So far I have tried subspace, as it allowed us to use AWS SSO (SAML) to have users authenticate and then generate wg configs from there. The problem is that even once we delete that AD user, the wg config is still valid and can be used regardless. This pretty much defeats the purpose of having centrally managed user accounts, as the peer config is generated once and cannot be revoked unless you go in manually as an admin into subspace and delete that user's device configs.

Are there any other options that would be able to solve my problem? I know that PfSense has an OpenVPN server with some LDAP capability, but I'm not sure how well it handles deleting users, I haven't tried it yet.

Edit: One more thing, we want to avoid RADIUS if possible at all (unless there's a solution that has it prepackaged with 0 configuration necessary). We would use it only for VPN, since our WiFi hotspots support LDAP directly, so it's kind of a pain to set up freeradius for just that.

Once you have set up the SAML process, with the details provided by the SAML provider, you need to log in using your custom URL for authentication. After doing this, you need to proceed to the company applications section in the SAASPASS admin portal. Once there, all you need to do is find the Pritunl.

Open the Settings in the Pritunl Zero management console and select Azure under Authentication Providers. Then click Add Provider and set the Label to Azure. Configure any Default Roles that will be needed. Copy the Azure key value from above into Application Secret. Open the Overview of the Pritunl app in App registrations.