Search…
⌃K
Links

LDAP - Active Directory

If you are using Microsoft Active Directory LDAP, use this in your configuration YML
ldap:
implementation: activedirectory
url: ldap://192.168.10.20:389
start_tls: false
tls:
skip_verify: true
minimum_version: TLS1.2
base_dn: DC=example,DC=com
username_attribute: sAMAccountName
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!pwdLastSet=0))
#additional_groups_dn: OU=Groups
groups_filter: (&(member:1.2.840.113556.1.4.1941:={dn})(objectClass=group)(objectCategory=group))
group_name_attribute: cn
mail_attribute: mail
display_name_attribute: displayname
user: CN=Administrator,CN=Users,DC=example,DC=com
password: [email protected]!!