Synology DSM as OpenVPN Client

Jan 18, 2019
 

To connect your Synology DiskStation to your OpenVPN server, you can import your .ovpn config file. In my case (authentication via certificates) I had to embed my certificates directly in the config file.

Embedding files in the config is described in the OpenVPN 2.3 man page: https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage#lbAV

Another useful post (not needed if you include the certs, keys and tls-auth key in your .ovpn config file): https://robert.penz.name/772/configure-a-synology-nas-as-openvpn-client-with-certificate-authentication-and-make-it-stable/

 

tls-client
pull
dev tun
proto udp
remote testserver.com XXXX
resolv-retry infinite
nobind
persist-key
persist-tun

<ca>
	// place the content of your ca.crt here
</ca>
<key>
	// place the content of your xxx.key here
</key>
<cert>
	// place the content of your xxx.crt here
</cert>
<tls-auth>
	// place the content of your xxx.tlsauth here
</tls-auth>

remote-cert-tls server
key-direction 1

verb 4
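As an added example (not part of the original post), this shell function builds such a single-file profile from separate credential files and writes it owner-only, because the result contains the private key. All file names are placeholders, and the base config is assumed to contain no inline blocks yet.

```shell
#!/bin/sh
# Added example: merge separate credential files into one inline .ovpn profile.
# All file names passed in are placeholders chosen by the caller.

# emit_block TAG FILE: print FILE wrapped in <TAG> ... </TAG>
emit_block() {
    printf '<%s>\n' "$1"
    # Drop CRs and blank lines so files edited on Windows still parse
    tr -d '\r' < "$2" | sed '/^[[:space:]]*$/d'
    printf '</%s>\n' "$1"
}

# need_marker FILE TEXT: fail unless FILE is readable and contains TEXT
need_marker() {
    grep -q -- "$2" "$1" 2>/dev/null || { echo "$1: expected '$2'" >&2; return 1; }
}

# build_inline_ovpn BASE CA CERT KEY TA OUT
build_inline_ovpn() {
    base=$1 ca=$2 cert=$3 key=$4 ta=$5 out=$6
    [ -r "$base" ] || { echo "cannot read $base" >&2; return 1; }
    # Catch swapped or wrong files before anything is written
    need_marker "$ca"   'BEGIN CERTIFICATE'  || return 1
    need_marker "$cert" 'BEGIN CERTIFICATE'  || return 1
    need_marker "$key"  'PRIVATE KEY-----'   || return 1
    need_marker "$ta"   'OpenVPN Static key' || return 1
    (
        umask 077    # output holds the private key: owner-only from creation
        tmp="$out.tmp.$$"
        {
            # Keep base options, minus path directives the inline blocks replace
            tr -d '\r' < "$base" |
                grep -Ev '^[[:space:]]*(ca|cert|key|tls-auth|key-direction)[[:space:]]' || true
            emit_block ca "$ca"
            emit_block cert "$cert"
            emit_block key "$key"
            emit_block tls-auth "$ta"
            echo 'key-direction 1'    # client side, as in the config above
        } > "$tmp" && mv "$tmp" "$out" || { rm -f "$tmp"; exit 1; }
    )
}
```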

 

Search LDAP Entries with ldapsearch on Linux/Unix

Dec 09, 2016
 

RedHat ldapsearch Documentation

ldapsearch -D "CN=<MyUser>,OU=S,OU=Useraccounts,DC=de,DC=<COMPANY>,DC=com" -w "PASSWORD" -b "DC=<MyCompany>,DC=com" \
   -s sub "(& (objectClass=user) (name=TestUser1))" -h "myLdapHost.de.myCompany.com" -p "3268" telephonenumber name department


# Result:
# extended LDIF
#
# LDAPv3
# base <DC=<MyCompany>,DC=com> with scope subtree
# filter: (& (objectClass=user) (name=TestUser1))
# requesting: telephonenumber name department
#

# TestUser, M, Useraccounts, XX, emea.MyCompany.com
dn: CN=TestUser1,OU=M,OU=Useraccounts,OU=XX,DC=emea,DC=MyCompany,DC=com
department: <HIDDEN>
name: TestUser1
telephonenumber : 0711-XXXXXXXXX

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Description:
-D     Username (bind DN) that is used to connect to LDAP
-w     Password to connect to LDAP
-b     Specifies the starting point (base DN) for the search
-s     Specifies the scope of the search; "sub" also searches the subtree
(& (objectClass=user) (name=TestUser1)) = filter for objects with objectClass=user whose attribute "name" is TestUser1
-h     Hostname of the LDAP server
-p     Port of the LDAP server
At the end of the command you can list the attributes you would like to fetch from LDAP. Leave the list empty to retrieve all information.