mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
Added Authelia configuration
This commit is contained in:
Alexander
nitnelave
parent
107c8ec96e
commit
88ff3e7783
@ -105,6 +105,13 @@ filter like: `(memberOf=cn=admins,ou=groups,dc=example,dc=com)`.
|
|||||||
The administrator group for LLDAP is `lldap_admin`: anyone in this group has
|
The administrator group for LLDAP is `lldap_admin`: anyone in this group has
|
||||||
admin rights in the Web UI.
|
admin rights in the Web UI.
|
||||||
|
|
||||||
|
### Authelia configuration
|
||||||
|
|
||||||
|
If you are using `LLDAP` as a backend for `Authelia` you need to adjust the
|
||||||
|
`Authelia` configuration.
|
||||||
|
|
||||||
|
You can find an example `authelia_config.yml` inside the `example_configs` folder.
|
||||||
|
|
||||||
## I can't log in!
|
## I can't log in!
|
||||||
|
|
||||||
If you just set up the server, can get to the login page but the password you
|
If you just set up the server, can get to the login page but the password you
|
||||||
|
|||||||
46
example_configs/authelia_config.yml
Normal file
46
example_configs/authelia_config.yml
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
###############################################################
|
||||||
|
# Authelia configuration #
|
||||||
|
###############################################################
|
||||||
|
|
||||||
|
# This is just the LDAP part of the Authelia configuration!
|
||||||
|
|
||||||
|
|
||||||
|
authentication_backend:
|
||||||
|
# Passwort reset through authelia does not work at the moment
|
||||||
|
disable_reset_password: false
|
||||||
|
# How often authelia should check if there is an user update in LDAP
|
||||||
|
refresh_interval: 1m
|
||||||
|
ldap:
|
||||||
|
implementation: custom
|
||||||
|
# Pattern is ldap://HOSTNAME-OR-IP:PORT
|
||||||
|
# Normal ldap port is 389, standard in LLDAP is 3890
|
||||||
|
url: ldap://lldap:3890
|
||||||
|
# The dial timeout for LDAP.
|
||||||
|
timeout: 5s
|
||||||
|
# Use StartTLS with the LDAP connection, TLS not supported right now
|
||||||
|
start_tls: false
|
||||||
|
#tls:
|
||||||
|
# skip_verify: false
|
||||||
|
# minimum_version: TLS1.2
|
||||||
|
# Set base dn, like dc=google,dc.com
|
||||||
|
base_dn: dc=example,dc=com
|
||||||
|
username_attribute: uid
|
||||||
|
# You need to set this to ou=people, because all users are stored in this ou!
|
||||||
|
additional_users_dn: ou=people
|
||||||
|
# To allow sign in both with username and email, one can use a filter like
|
||||||
|
# (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
|
||||||
|
users_filter: (&({username_attribute}={input})(objectClass=person))
|
||||||
|
# Set this to ou=groups, because all groups are stored in this ou
|
||||||
|
additional_groups_dn: ou=groups
|
||||||
|
# Only this filter is supported right now
|
||||||
|
groups_filter: (member={dn})
|
||||||
|
# The attribute holding the name of the group.
|
||||||
|
group_name_attribute: cn
|
||||||
|
# Email attribute
|
||||||
|
mail_attribute: mail
|
||||||
|
# The attribute holding the display name of the user. This will be used to greet an authenticated user.
|
||||||
|
display_name_attribute: displayName
|
||||||
|
# The username and password of the admin user.
|
||||||
|
user: cn=admin,ou=people,dc=example,dc=com
|
||||||
|
# Password can also be set using a secret: https://www.authelia.com/docs/configuration/secrets.html
|
||||||
|
password: 'testtest'
|
||||||
Loading…
Reference in New Issue
Block a user