Auto-create users for OpenVPN while authenticating against LDAP



  • Hey guys, I configured my pfSense to authenticate users against LDAP (Active Directory). This seems to work, but while using these accounts with OpenVPN and certificate-based authentication, they need to exist locally. Is there any preferred way to do this automatically?


  • Rebel Alliance Developer Netgate

    You do not need local accounts to use with LDAP and Certificates.

    You only need to make certificates under System > Cert Manager on the Certificates tab, using the same CA as the OpenVPN server.

    There is not a way to automate making the certificates, however.



  • Hey jimp, thanks for your response. I got it working, but realized a disappointing point. After logging in with a remote user, I am able to see, use and also download certificates from other users (see attached pic). Is there a way to work around that?



  • Rebel Alliance Developer Netgate

    The export package is not intended to be used by end-users. There is no way for a user to log in and download just their own client.