I have been asked to check into using openvpn in a medium sized organization, that is primarily using Microsoft vpn, but has a fair base of Mac and Linux users. It looks like setting up openvpn, is straight forward, however, it does not appear to connect to any userid, that is user account, but uses a certificate. In the event that a user leaves the organization, could I terminate his client, on the master certificate? Also, would I have any way of auditing connections, and ips that were used? I fear that openvpn will not give me that capability.

Ive only used OpenVPN for my own private purposes and i must say i like it, fairly easy to set up with great documentation so i would recommend it.

Now to your questions, about the question if a user leaves the company it is no problem to revoke that certificate wich means that the certificate no longer counts as valid and the user is locked out.
About the auditing im not really sure what you mean but it is possible to audit connections and other stuff aswell, not sure to what extent though havent experimented much with that.

http://openvpn.net/howto.html check this excellent howto for info on both certificate revocation and auditing.