18:01 Tue, 12 Sep 2006 PDT -0700

OpenVPN Auth-LDAP Plugin 2.0 RC1

I'd like to announce the first release candidate of version 2.0 of my LDAP authentication plugin for OpenVPN

This release is a vast improvement on the rudimentary 1.0 plugin -- new features include:

Click here to read more ...

[/code/ldap] permanent link

13:49 Mon, 19 Jun 2006 PDT -0700

Splat 1.0 Release

Nick Barkas and I released Splat 1.0 today, on behalf of the Three Rings Department of Public Works. If you need to synchronise information with an LDAP directory, Splat provides a great plugin interface. Included with the distribution are plugins to create home directories, write out SSH keys with command restrictions, and write out .forward files.

We use Splat here at Three Rings to distribute SSH keys to all of our servers, allowing us to further erradicate password authentication. Splat can apply filters based on LDAP groups, so we can, for instance, apply a subversion command= restriction only on the subversion server.

Next splat plugins I want to write:

[/code/ldap] permanent link

15:24 Wed, 26 Apr 2006 PDT -0700

Announcing Splat: The Scalable Periodic LDAP Attribute Transmogrifier


Splat is a daemon designed to help keep information in an LDAP directory in sync with information outside of an LDAP directory. This information can be any set of attributes on any object in the LDAP directory.

Splat was originally written for the purpose of distributing SSH keys from LDAP in a way that did not require modifying the SSH daemon.

In the process, we designed a generic daemon capable of pulling nearly any information from LDAP and using it in any way you see fit. Synchronize your LDAP directory with a relational database, update an organizational chart, or build a x509 certificate revocation list.

Click here to read more ...

[/code/ldap] permanent link

13:56 Sun, 09 Oct 2005 PDT -0700

OpenVPN Auth-LDAP Plugin 1.0.3 Released

Changes include the addition of an autoconf-based build system and support for Linux.

More information is available from the OpenVPN Auth-LDAP Plugin page

[/code/ldap] permanent link

15:05 Thu, 31 Mar 2005 PST -0800

OpenVPN Auth-LDAP Plugin

Yesterday I implemented a LDAP authentication plugin for OpenVPN 2.x. OpenVPN's new plugin architecture makes it surprisingly easy to extend the software in very useful ways.

More information and the source code are available on this page

[/code/ldap] permanent link