Netgate Discussion Forum

    Auto create users for OpenVPN while authenticate against LDAP

    • hiddenbit

      Hey guys, I configured my pfSense to authenticate users against LDAP (Active Directory). This seems to work, but while using these accounts with OpenVPN and certificate-based authentication, they need to exist locally. Is there any preferred way to do this automatically?

      • jimp Rebel Alliance Developer Netgate

        You do not need local accounts to use with LDAP and Certificates.

        You only need to make certificates under System > Cert Manager on the Certificates tab, using the same CA as the OpenVPN server.

        There is not a way to automate making the certificates, however.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        • hiddenbit

          Hey jimp, thanks for your response. I got it working, but realized a disappointing point. After logging in with a remote user, I am also able to see, use and download certificates from other users (see attached pic). Is there a way to work around that?

          Auswahl_205.png

          • jimp Rebel Alliance Developer Netgate

            The export package is not intended to be used by end-users. There is no way for a user to login and download just their own client.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.