Lantranet [dot] com

bloggin' like a Professional

  • Navigator

    open all | close all
  • Kategorien

  • Neueste Beiträge

OpenVPN for UserAccounts without Administrator Rights

Erstellt von Administrator am Mittwoch 15. August 2012

Yes, it is possible to establish a OpenVPN Connection for users / User Accounts without Administrative Privileges….

1.) You need one of the following programs for each CLient: SETACL or SubinACL
2.) Set ACLs for  OpenVPN-Service, so that Users can start/stop the service: 

1
setacl -on openvpnservice -ot srv -actn ace -ace "n:Benutzer;p:start_stop"

3.) You also have to add the specific user to the „Networkconfiguration Operator“ Group in order to allow an unprivileged  user the rights to set the routes

 

Show Access Rights: 

1
setacl -on openvpnservice -ot srv -actn list

Set ACLs for  OpenVPN-Service, so that Users can start/stop the service: 

1
setacl -on openvpnservice -ot srv -actn ace -ace "n:Benutzer;p:start_stop"

start service via CMD: 

1
sc start OpenVPNService

stop service via CMD: 

1
sc stop OpenVPNService

 

If you want to start your favorite VPN Connection automatically, you’ve to change this in the registry:
HKLM\SOFTWARE/Microsoft\Windows\CurrentVersion\Run den openvpn-gui

1
openvpn-gui REG_SZ c:\programme\openvpn\bin\openvpn-gui.exe --connect config.ovpn

Then you’ll be prompted for your credentials at logon  (z.B. for Base1).