Auto create users for OpenVPN while authenticating against LDAP
-
Hey guys, I configured my pfSense to authenticate users against LDAP (Active Directory). This seems to work, but while using these accounts with OpenVPN and certificate-based authentication, they need to exist locally. Is there any preferred way to do this automatically?
-
You do not need local accounts to use with LDAP and Certificates.
You only need to make certificates under System > Cert Manager on the Certificates tab, using the same CA as the OpenVPN server.
There is not a way to automate making the certificates, however.
-
Hey jimp, thanks for your response. I got it working, but realized a disappointing point. After logging in with a remote user, I am able to see, use and also download certificates from other users (see attached pic). Is there a way to work around that?
-
The export package is not intended to be used by end-users. There is no way for a user to log in and download just their own client.