Skip to content

Installation notes

Default Configuration

LLDAP is configured using the default options generated by the application on first run. The exception to this is the ‘Base DN for LDAP’ option which has been exposed to the user.

By default, LLDAP will use the following options:

  • Base DN for LDAP: dc=example,dc=org

  • Ldap User DN: admin

  • Ldap User Email: [email protected]

  • Ldap User Password: password

  • Public URL:<https://lldap.example.com>

  • LDAP port: 3890

  • JWT secret: random (generated on first run)

  • Show SMTP Settings

    • Enable Password Reset: false
    • SMTP Server Url: smtp.gmail.com
    • SMTP Server Port: 587
    • SMTP Encryption: STARTTLS
    • SMTP User: email
    • SMTP Password: password | app password
    • SMTP From: LLDAP Admin <[email protected]>
    • SMTP Reply To: Do not reply <noreply@localhost>

Usage

LLDAP can be used as the user backend for Authelia and Authentik as well as any other application that supports LDAP e.g. Jellyfin and Nextcloud. A specific guide for Authelia is available in this documentation but other authentication applications can be configured in a similar way.

When setting your bind user you should avoid using the admin user as this is a security risk. Instead, create a new user with the minimum permissions required for your application. LLDAP has a user group lldap_strict_readonly which can be used for this purpose. This group has read-only access to the LDAP database and can be used to create a new user with the minimum permissions required for your application. However, if you want to provide password reset then create a user in the lldap_password_manager group.

Support

  • If you need more details or have a more custom setup the documentation on the upstream is very useful so check the descriptions of the options there including example configs for various apps.
  • You can also reach us using Discord for real-time feedback and support

All Rights Reserved - The TrueCharts Project