Netgate Discussion Forum

    Migration of Local Users To Active Directory Possible?

      Mirfster

      Just a general question, and if not possible, not really a big deal.

      Getting a small company modernized. Got them a Netgate SG-4860 and have demonstrated some abilities; mainly OpenVPN to replace their existing PPTP (yeah, that was a major red flag I wanted to remedy right away).

      Long story short, had to leverage Local User Authentication since they did not have any centralized management. Got them onboard with AD and would like to roll into Active Directory Integration for Authentication.

      Is there any existing method of migrating existing Users/Passwords to AD? Just seeing if I can make it a little seamless, but if not then no big deal.

      Thanks in advance for any input.

        stephenw10 Netgate Administrator

        I'm not aware of anything that could do that.

          Mirfster @stephenw10

          @stephenw10 Thanks for the confirmation, I'll proceed without delving into this any further. 😀

            bmeeks

            I did a quick Google search and found two links that might help you up to a point. I don't believe you can import the current passwords, though, because they are encrypted on pfSense.

            Here are the links:

            https://theitbros.com/import-users-into-active-directory-from-csv/

            https://activedirectorypro.com/create-bulk-users-active-directory/

            Both links refer to the same process. You create a PowerShell script to process a CSV file with the values to import into AD. You will have to create a pfSense backup, and then manually scrape that XML config backup file to pull out the user info you want to migrate into a CSV format.

            As far as the passwords, you probably are going to set a default password for each user and then let them change in AD when logging in for the first time. You should be able to create a Group Policy to force that action.

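The config-scraping step described in the post above, as an added example that is not part of the original thread and is not Netgate's code: it pulls local users out of a pfSense backup into a CSV for a bulk AD import, skipping built-in accounts and never copying password hashes. It assumes the backup keeps accounts under `<system><user>` with `name`, `descr`, `scope`, `disabled` and `bcrypt-hash` elements; the CSV column names are hypothetical and the sample config is constructed.

```python
import csv
import io
import xml.etree.ElementTree as ET

# Constructed sample shaped like a pfSense config.xml backup (assumed layout:
# <pfsense><system><user>...). Account names and hashes are made up.
SAMPLE_CONFIG = """<?xml version="1.0"?>
<pfsense>
  <system>
    <user><name>admin</name><descr><![CDATA[System Administrator]]></descr>
      <scope>system</scope><bcrypt-hash>$2y$10$CONSTRUCTED</bcrypt-hash><uid>0</uid></user>
    <user><name>jdoe</name><descr><![CDATA[Jane Doe]]></descr>
      <scope>user</scope><bcrypt-hash>$2y$10$CONSTRUCTED</bcrypt-hash><uid>2000</uid></user>
    <user><name>oldvpn</name><descr><![CDATA[Former contractor]]></descr>
      <scope>user</scope><disabled></disabled><bcrypt-hash>$2y$10$CONSTRUCTED</bcrypt-hash><uid>2001</uid></user>
  </system>
</pfsense>"""

# Hypothetical CSV header; rename to match whatever the import script expects.
FIELDS = ["SamAccountName", "DisplayName", "Enabled"]

def extract_users(config_xml):
    """Return one dict per local (non-system) user; hashes are never read out."""
    root = ET.fromstring(config_xml)
    rows = []
    for user in root.findall("./system/user"):
        if user.findtext("scope", "") == "system":
            continue  # built-in accounts such as admin stay on the firewall
        rows.append({
            "SamAccountName": user.findtext("name", "").strip(),
            "DisplayName": user.findtext("descr", "").strip(),
            # an account carrying a <disabled> element is exported as disabled
            "Enabled": "FALSE" if user.find("disabled") is not None else "TRUE",
        })
    return rows

def to_csv(rows):
    """Serialise the rows with a fixed header so the output is predictable."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

if __name__ == "__main__":
    print(to_csv(extract_users(SAMPLE_CONFIG)), end="")
```

The backup file itself still contains the hashes, so it should be stored and deleted with the same care as any credential export.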
              Mirfster @bmeeks

              @bmeeks Appreciate the info, I've already got things going and pretty much completed. 👍
