Netgate Discussion Forum

    Authentication -> What happens if AD is not available?

      ehuk

      Hi Guys,

      Quick question, if we select an Active Directory server as the main authentication server for a pfSense box, what happens if the AD server is unavailable for whatever reason? Would we be locked out, or would it try and authenticate with the Local Database?

      I did some digging but couldn't find a clear answer.

      Thanks,
      ehuk.

        ljorgensen

        @ehuk:

        Quick question, if we select an Active Directory server as the main authentication server for a pfSense box, what happens if the AD server is unavailable for whatever reason? Would we be locked out, or would it try and authenticate with the Local Database?

        It falls back to the Local Database. In fact, the Local Database is always active. If you log in with credentials not valid for the AD, pfSense will retry the same login with a local account instead.

        Keep the local admin account and give it a strong password. Then you can always log in regardless of AD connectivity. Also, you need a local account to do syncing between firewalls and ssh logins to the firewalls.

        Lars
