Migration of Local Users To Active Directory Possible?
-
Just a general question and if not possible, not really a big deal.
Getting a small company modernized. Got them a Netgate SG-4860 and have demonstrated some abilities; mainly OpenVPN to replace their existing PPTP (yeah, that was a major red flag I wanted to remedy right away).
Long story short, had to leverage Local User Authentication since they did not have any centralized management. Got them onboard with AD and would like to roll into Active Directory Integration for Authentication.
Is there any existing method of migrating existing Users/Passwords to AD? Just seeing if I can make it a little seamless, but if not then no big deal.
Thanks in advance for any input.
-
I'm not aware of anything that could do that.
-
@stephenw10 Thanks for the confirmation, I'll proceed without delving into this any further.
-
I did a quick Google search and found two links that might help you up to a point. I don't believe you can import the current passwords, though, because they are encrypted on pfSense.
Here are the links:
https://theitbros.com/import-users-into-active-directory-from-csv/
https://activedirectorypro.com/create-bulk-users-active-directory/
Both links refer to the same process. You create a PowerShell script to process a CSV file with the values to import into AD. You will have to create a pfSense backup, and then manually scrape that XML config backup file to pull out the user info you want to migrate into a CSV format.
As far as the passwords, you probably are going to set a default password for each user and then let them change it in AD when logging in for the first time. You should be able to create a Group Policy to force that action.
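The scrape step described above, as an added example that is not part of the original post: it pulls the local accounts out of a pfSense config backup and writes a CSV for a bulk-import script, leaving the stored password hashes behind. It assumes the backup keeps accounts in `<system><user>` elements with `<name>`, `<descr>`, `<scope>` and `<disabled>` children; the CSV column names are hypothetical and the sample config is constructed.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample input. The element names are an assumed layout of a
# pfSense config backup; the hash values are placeholders, not real hashes.
SAMPLE_CONFIG = """<pfsense><system>
  <user><name>admin</name><descr>System Administrator</descr><scope>system</scope>
    <bcrypt-hash>PLACEHOLDER</bcrypt-hash><uid>0</uid></user>
  <user><name>jdoe</name><descr>Jane Doe</descr><scope>user</scope>
    <bcrypt-hash>PLACEHOLDER</bcrypt-hash><uid>2000</uid></user>
  <user><name>bsmith</name><descr>Bob Smith</descr><scope>user</scope><disabled/>
    <bcrypt-hash>PLACEHOLDER</bcrypt-hash><uid>2001</uid></user>
</system></pfsense>"""

# Hypothetical column names; match them to whatever the import script reads.
CSV_FIELDS = ["SamAccountName", "DisplayName", "Enabled"]

def extract_users(config_xml):
    """Return locally created users; password hashes are never copied."""
    root = ET.fromstring(config_xml)
    users = []
    for user in root.findall("./system/user"):
        if (user.findtext("scope") or "").strip() != "user":
            continue  # skip built-in accounts such as admin
        name = (user.findtext("name") or "").strip()
        if not name:
            continue  # an entry without a login name cannot be migrated
        users.append({
            "SamAccountName": name,
            "DisplayName": (user.findtext("descr") or name).strip(),
            # carry the disabled state over so dormant accounts stay dormant
            "Enabled": "FALSE" if user.find("disabled") is not None else "TRUE",
        })
    return users

def to_csv(users):
    """Serialize the user rows to CSV text with a header line."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=CSV_FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(users)
    return buf.getvalue()

if __name__ == "__main__":
    print(to_csv(extract_users(SAMPLE_CONFIG)), end="")
```

The config backup still contains the password hashes, so store and delete it with the same care as any credential file once the CSV has been produced.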
-
@bmeeks Appreciate the info, I've already got things going and pretty much completed.