41 lines
2.0 KiB
Markdown
41 lines
2.0 KiB
Markdown
# Installation notes
|
|
|
|
## Default Configuration
|
|
|
|
LLDAP is configured using the default options generated by the application on first run. The exception to this is the 'Base DN for LDAP' option which has been exposed to the user.
|
|
|
|
By default, LLDAP will use the following options:
|
|
|
|
- Base DN for LDAP: dc=example,dc=org
|
|
- Ldap User DN: admin
|
|
- Ldap User Email: admin@admin.com
|
|
- Ldap User Password: password
|
|
- Public URL: <https://lldap.example.com>
|
|
- LDAP port: 3890
|
|
- JWT secret: random (generated on first run)
|
|
|
|
- Show SMTP Settings
|
|
- Enable Password Reset: false
|
|
- SMTP Server Url: smtp.gmail.com
|
|
- SMTP Server Port: 587
|
|
- SMTP Encryption: STARTTLS
|
|
- SMTP User: email
|
|
- SMTP Password: password | app password
|
|
- SMTP From: LLDAP Admin <sender@gmail.com>
|
|
- SMTP Reply To: Do not reply <noreply@localhost>
|
|
|
|
## Usage
|
|
|
|
LLDAP can be used as the user backend for Authelia and Authentik as well as any other application that supports LDAP e.g. Jellyfin and Nextcloud. A specific guide for Authelia is available in this documentation but other authentication applications can be configured in a similar way.
|
|
|
|
When setting your bind user you should avoid using the admin user as this is a security risk. Instead, create a new user with the minimum permissions required for your application. LLDAP has a user group `lldap_strict_readonly` which can be used for this purpose. This group has read-only access to the LDAP database and can be used to create a new user with the minimum permissions required for your application. However, if you want to provide password reset then create a user in the `lldap_password_manager` group.
|
|
|
|
## Support
|
|
|
|
- If you need more details or have a more custom setup the documentation on the [upstream](https://github.com/lldap/lldap) is very useful so check the descriptions of the options there including example configs for various apps.
|
|
- You can also reach us using [Discord](https://discord.gg/tVsPTHWTtr) for real-time feedback and support
|
|
|
|
---
|
|
|
|
All Rights Reserved - The TrueCharts Project
|