Use the following configuration settings. Make sure you replace “dc=example,dc=com” with the root DN for your OpenLDAP service.
Name
ldap
Slug
ldap
Sync Users
User password writeback
Sync groups
Connection settings
Server URI
ldap://<server fully-qualified-domain-name or IP address>:389
Enable StartTLS
TLS Verification Certificate
---------
Bind CN
The Bind CN item is the distinguished name (DN) of the administrative user you will use to login (authenticate) to the OpenLDAP server for Authentik to do its work.
uid=admin,ou=people,dc=example,dc=com
Bind Password
The Bind Password is the password for the admin account.
ADMIN_PASSWORD
Base DN
Remember, this must be the base DN for the OpenLDAP directory. It should look something like:
dc=example,dc=com
LDAP Attribute mapping
User Property Mappings
authentik default LDAP Mapping: mail
authentik default LDAP Mapping: Name
authentik default Active Directory Mapping: givenName
authentik default Active Directory Mapping: sAMAccountName
authentik default Active Directory Mapping: sn
authentik default Active Directory Mapping: userPrincipalName
authentik default OpenLDAP Mapping: cn
authentik default OpenLDAP Mapping: uid
Group Property Mappings
authentik default LDAP Mapping: mail
authentik default LDAP Mapping: Name
authentik default Active Directory Mapping: givenName
authentik default Active Directory Mapping: sAMAccountName
authentik default Active Directory Mapping: sn
authentik default Active Directory Mapping: userPrincipalName