You MUST edit this file to suit your environment. We strongly suggest you watch our Authelia video before following along with this guide to help you understand how it all works. Make sure to use the OpenLDAP settings for your configuration.yml to work with this guide.
The sample provided in this guide has been tested and verified to work. However, it is strongly advised to read the official docs on the configuration to ensure it meets your requirements (https://www.authelia.com/docs/configuration/)
- For secret keys, you can create a 128-bit encryption key to put in from here: https://www.allkeysgenerator.com/Random/Security-Encryption-Key-Generator.aspx Remember to keep them different for the different areas which use them.
Here we are going to use the following format for the login credentials, make sure to replace domain with your domain. Add your password we created in the docker compose file and then click “Authenticate”.
Now we will create the admin group for users. You can repeat these steps to create whatever group you like. You can then later use these groups to refine rules within the Authelia configuration.yml file.
First, we will create the organizational unit. This is where all the groups will be stored. Select your domain in the left panel and some options will appear in the right panel.
Choose “Create a child entry”.
We can now select “Generic: Organizational Unit”.
We will call this organizational unit “Groups”.
Click “Create Object” and then “Commit” to save the settings. You can now see the organizational unit of groups has created.
Now that we have the category of Groups, we will create our first group of “admins”. This is where we will add our first user too. This time, instead of selecting the top domain, we will be selecting the “groups” tab.
As before, we will now see some more options in the right-hand pane. We will select to “Create a child entry” within the groups section.
This time we will be creating a “Generic: Posix Group”.
Once you have selected this, we will type in our group name. For this example, we will use the group “admins” as our first group.
Now click Create Object and Commit. You will see in the left-hand side under groups that the group “admins” has now created.
Below, we will add our first user to the organization. We will also add this user to the admins group. You can repeat this process to create as many users as you like.
Select the top-level domain.
On the right-hand side, choose to create another child entry.
Same as with the “groups”, we created, we are going to create another organizational unit.
This time we will call it “Users”. This will be where we will store all of our users that we add to the organization.
Click Create Object and Commit. You will now see this added to the tree under the main domain. Click this newly created Users tab.
Select to create a child entry under the Users organizational unit.
This time, we will add the “Generic: User Account”.
Here we will fill in all the details about the user. Make sure to use all lower case for the “User ID”, this allows the username field to be case-insensitive when logging in via Authelia. When selecting the crypt for the password, choose the
sha256cryptfor better security. Under GID Number, we will be selecting the group to add the user too, for our first user we will be adding them to the “admins” group we just created.
Now select Create Object and Commit.
You have now added your first user. To utilize the “Forgot password” feature of Authelia, we can also add more attribute fields to the user. For this feature, we will need the user's email added to the user record. Click “Add new attribute”.
On the dropdown, choose "Email".
Add the user's email and the click “Update Object”.
Click “update object” again to confirm. You have now added your new user to the admins group that you can use to log into Authelia.