Installation notes

Default Configuration

LLDAP is configured using the default options generated by the application on first run. The exception to this is the ‘Base DN for LDAP’ option which has been exposed to the user.

By default, LLDAP will use the following options:

Base DN for LDAP: dc=example,dc=org
Ldap User DN: admin
Ldap User Email: [email protected]
Ldap User Password: password
Public URL:<https://lldap.example.com>
LDAP port: 3890
JWT secret: random (generated on first run)
Show SMTP Settings
- Enable Password Reset: false
- SMTP Server Url: smtp.gmail.com
- SMTP Server Port: 587
- SMTP Encryption: STARTTLS
- SMTP User: email
- SMTP Password: password | app password
- SMTP From: LLDAP Admin <[email protected]>
- SMTP Reply To: Do not reply <noreply@localhost>

Usage

LLDAP can be used as the user backend for Authelia and Authentik as well as any other application that supports LDAP e.g. Jellyfin and Nextcloud. A specific guide for Authelia is available in this documentation but other authentication applications can be configured in a similar way.

When setting your bind user you should avoid using the admin user as this is a security risk. Instead, create a new user with the minimum permissions required for your application. LLDAP has a user group lldap_strict_readonly which can be used for this purpose. This group has read-only access to the LDAP database and can be used to create a new user with the minimum permissions required for your application. However, if you want to provide password reset then create a user in the lldap_password_manager group.

Support

If you need more details or have a more custom setup the documentation on the upstream is very useful so check the descriptions of the options there including example configs for various apps.
You can also reach us using Discord for real-time feedback and support