LDAP library directory:
The post_auth programming hook in Access Server was put in to extend the possibilities of the Access Server to authenticate against a source of credentials. By default without using post_auth the following sources can be authenticated against in Access Server: LOCAL, PAM, LDAP, RADIUS
Please refer to the link to configure Windows Server 2016 running an Active Directory so that OpenVPN Access Server can connect to it and use the objects in the AD for authentication.
The guide helps to understand the order the OpenVPN Access Server integration with Google LDAP.
As per Google's documentation, supported editions of G Suite for this feature are 'Business Plus', 'Enterprise', 'Education', or 'Enterprise for Education'.
This will not work with the normal 'Business' or basic Gmail/Google Drive user accounts.
Rather than creating a Bind user like most LDAP integrations, Google LDAP requires an SSL certificate, making the integration slightly more complex.
You will need to be familiar with the sacli tool for advanced configuration of OpenVPN Access Server. More information about it here: Access Server Command Line Interface Tools.
Configuring Okta to integrate with OpenVPN Access Server can be done with LDAP. This requires requesting the LDAP Interface feature added to your Okta account.
The following pieces will make up the LDAP integration between Okta and OpenVPN Access Server:
An active LDAP Interface in your Okta directory integrations
An Okta Read-Only admin account as your bind user
Defining the configuration for the bind in OpenVPN Access Server