僅列出與之前不同的地方 
1. 安裝  openvpn-auth-ldap 套件 
Ubuntu 16.04 
# apt-get install openvpn-auth-ldap 
CentOS 6.x/7.x 
# yum install openvpn-auth-ldap 
2. 修改 /etc/openvpn/server.conf 
在檔案最後面加入下面的設定 
# vim /etc/openvpn/server.conf 
client-cert-not-required 
username-as-common-name 
plugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth/auth-ldap.conf 
# CentOS 7 
plugin /usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so /etc/openvpn/auth/ldap.conf 
請確認 openvpn-auth-ldap.so 檔的位置[@more@]3. 建立目錄 /etc/openvpn/auth/ 
# mkdir /etc/openvpn/auth/ 
4. 建立 /etc/openvpn/auth/auth-ldap.conf 設定檔 
# egrep -v ‘^#|^$’ /etc/openvpn/auth/auth-ldap.conf 
<LDAP> 
        # LDAP server URL 
        #URL            ldap://ldap1.example.org 
        URL             ldap://192.168.1.20 
        # Bind DN (If your LDAP server doesn’t support anonymous binds) 
         BindDN         cn=admin,dc=bpim3,dc=test,dc=org 
        # Bind Password 
        # Password      SecretPassword 
         Password       123456 
        # Network timeout (in seconds) 
        Timeout         15 
        # Enable Start TLS 
        # Follow LDAP Referrals (anonymously) 
        # TLS CA Certificate File 
        # TLS CA Certificate Directory 
        # Client Certificate and key 
        # If TLS client authentication is required 
        # Cipher Suite 
        # The defaults are usually fine here 
        # TLSCipherSuite        ALL:!ADH:@STRENGTH 
</LDAP> 
<Authorization> 
        # Base DN 
        BaseDN          “ou=People,dc=example,dc=com” 
        # User Search Filter 
        SearchFilter    “(&(uid=%u))” 
        # Require Group Membership 
        RequireGroup    false 
        # Add non-group members to a PF table (disabled) 
        #PFTable        ips_vpn_users 
</Authorization> 
5. 檢查 OpenVPN 設定檔是否正確 
# openvpn –config /etc/openvpn/server.conf 
6. 重新啟動 OpenVPN Server,並檢查是否有正常啟動 
# systemctl restart openvpn@server.service;systemctl status openvpn@server.service
7. Client 端設定檔加入
auth-user-pass
