Symas OpenLDAP Knowledge Base

Authentik with OpenLDAP

Name

ldap

Slug

ldap
  • Enabled
  • Sync Users
  • User password writeback
  • Sync groups

Connection settings

Server URI

ldap://<server fully-qualified-domain-name or IP address>:389
  • Enable StartTLS

TLS Verification Certificate

---------

Bind CN

uid=admin,ou=people,dc=example,dc=com

Bind Password

ADMIN_PASSWORD

Base DN

dc=example,dc=com

LDAP Attribute mapping

User Property Mappings

  • authentik default LDAP Mapping: mail
  • authentik default LDAP Mapping: Name
  • authentik default Active Directory Mapping: givenName
  • authentik default Active Directory Mapping: sAMAccountName
  • authentik default Active Directory Mapping: sn
  • authentik default Active Directory Mapping: userPrincipalName
  • authentik default OpenLDAP Mapping: cn
  • authentik default OpenLDAP Mapping: uid

Group Property Mappings

  • authentik default LDAP Mapping: mail
  • authentik default LDAP Mapping: Name
  • authentik default Active Directory Mapping: givenName
  • authentik default Active Directory Mapping: sAMAccountName
  • authentik default Active Directory Mapping: sn
  • authentik default Active Directory Mapping: userPrincipalName
  • authentik default OpenLDAP Mapping: cn
  • authentik default OpenLDAP Mapping: uid

Additional settings

Group

---------

User path

LDAP/users

Addition User DN

ou=people

Addition Group DN

ou=groups

User object filter

(objectClass=person)

Group object filter

(objectClass=groupOfUniqueNames)

Group membership field

member

Object uniqueness field

uid