Group selection and certificates

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Mon Jul 4 01:45:28 PDT 2016


On Sun, Jul 3, 2016 at 6:26 PM, jvi <v8kjvi0j6 at gmail.com> wrote:
> Now I'd like to replicate the same behavior using certificate
> authentication, so a user connects, auth via cert, and is able to
> select which group they want. It so far only worked for either no
> group record present, or with default group explicitly defined in the
> config file.
> So basically what's above with addition of
> cert-user-oid = 2.5.4.3
> default-select-group = default
> #cert-group-oid = 2.5.4.11
>
> This way a user connects and gets auto-selected the 'default' group.
> That's okay. Works.
>
> Now, though, the problem is that if I uncomment cert-group-oid and
> start defining a list of groups under OU, e.g. "default, tor" so a

Use different OU fields. I.e., "ou = default", "ou = tor", in the same
certificate.
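The reply above, shown as an added example that is not part of the original message: it issues two throwaway self-signed certificates with the `openssl` command-line tool (assumed to be installed) and lists the OU (OID 2.5.4.11) values of each, one with separate OU fields and one with the comma-separated list from the question. The subject names, the `alice` user and the helper function names are constructed for illustration.

```shell
#!/bin/sh
# Added illustration; subjects and helper names below are constructed samples.

# make_cert DIR SUBJECT: write a throwaway self-signed cert to DIR/cert.pem.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "$2" -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# list_ous CERT: print every OU (OID 2.5.4.11) value, one per line.
list_ous() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline |
        sed -n 's/^ *organizationalUnitName *= *//p'
}

demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/split" "$tmp/joined"
    # Two OU attributes in the same certificate, as the reply suggests.
    make_cert "$tmp/split" "/CN=alice/OU=default/OU=tor"
    # One OU attribute whose value is the literal string "default, tor".
    make_cert "$tmp/joined" "/CN=alice/OU=default, tor"
    echo "separate OU fields:"; list_ous "$tmp/split/cert.pem"
    echo "single OU field:";    list_ous "$tmp/joined/cert.pem"
    rm -rf "$tmp"
}
demo
```

Running `list_ous` against a client certificate before deploying it shows whether the subject carries one OU value per group or a single combined string.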



More information about the openconnect-devel mailing list