authentik icon indicating copy to clipboard operation
authentik copied to clipboard
verified publisher icon goauthentik

Authentik LDAP authentication

Open SiddheshxC13 opened this issue 1 year ago • 0 comments

When i was trying the openldap and sssd to create a authentication setup like creating a user and after configuring it in other machine it was perfectly fine then i thought of doing the same by using authentik.

After a certain time understanding authentik i was able to ldapsearch but i am not able to su user can anyone help me with the same i am novice rightnow and your help will be very helpful for me

also i have used docker to host authentik and then mapped the ip for eg 10.33.1.22:9000 to auth.abc.company by using nginx proxy manager also i am providing you my docker compose file and .env Docker compose: services: postgresql: image: docker.io/library/postgres:12-alpine restart: unless-stopped healthcheck: test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] start_period: 20s interval: 30s retries: 5 timeout: 5s volumes: - database:/var/lib/postgresql/data environment: POSTGRES_PASSWORD: ${PG_PASS:?database password required} POSTGRES_USER: ${PG_USER:-authentik} POSTGRES_DB: ${PG_DB:-authentik} env_file: - .env networks: - auth_network

redis: image: docker.io/library/redis:alpine command: --save 60 1 --loglevel warning restart: unless-stopped healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] start_period: 20s interval: 30s retries: 5 timeout: 3s volumes: - redis:/data networks: - auth_network

authentik_ldap: image: ghcr.io/goauthentik/ldap restart: unless-stopped ports: - 389:3389 - 636:6636 environment: AUTHENTIK_HOST: https://auth.abc.company.com AUTHENTIK_INSECURE: "false" AUTHENTIK_TOKEN: hhju networks: - auth_network

server: image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.2.3} restart: unless-stopped command: server environment: AUTHENTIK_REDIS__HOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} volumes: - ./media:/media - ./custom-templates:/templates env_file: - .env ports: - "${COMPOSE_PORT_HTTP:-9000}:9000" - "${COMPOSE_PORT_HTTPS:-9443}:9443" depends_on: - postgresql - redis networks: - auth_network

worker: image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.2.3} restart: unless-stopped command: worker environment: AUTHENTIK_REDIS__HOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} user: root volumes: - /var/run/docker.sock:/var/run/docker.sock - ./media:/media - ./certs:/certs - ./custom-templates:/templates env_file: - .env depends_on: - postgresql - redis networks: - auth_network

networks: auth_network: driver: bridge

volumes: database: driver: local redis: driver: local

.env-=

PG_PASS=xxxx AUTHENTIK_SECRET_KEY=exx AUTHENTIK_ERROR_REPORTING__ENABLED=true

SMTP Host Emails are sent to

AUTHENTIK_EMAIL__HOST=localhost AUTHENTIK_EMAIL__PORT=25

Optionally authenticate (don't add quotation marks to your password)

AUTHENTIK_EMAIL__USERNAME= AUTHENTIK_EMAIL__PASSWORD=

Use StartTLS

AUTHENTIK_EMAIL__USE_TLS=false

Use SSL

AUTHENTIK_EMAIL__USE_SSL=false AUTHENTIK_EMAIL__TIMEOUT=10

Email address authentik will send from, should have a correct @domain

AUTHENTIK_EMAIL__FROM=authentik@localhost AUTHENTIK_LISTEN__LDAP=0.0.0.0:389 AUTHENTIK_LISTEN__LDAP=0.0.0.0:689

SiddheshxC13 avatar Apr 26 '24 06:04 SiddheshxC13