LDAP Source
Sources allow you to connect authentik to an existing user directory. This source allows you to import users and groups from an LDAP Server.
For Active Directory, follow the Active Directory Integration
For FreeIPA, follow the FreeIPA Integration
Configuration options for LDAP sources
To create or edit a source in authentik, open the Admin interface and navigate to Directory -> Ferderation and Social login. There you can create a new LDAP source, or edit an existing one, using the following settings.
-
Enabled: Toggle this option on to allow authentik to use the defined LDAP source.
-
Update internal password on login: When the user logs in to authentik using the LDAP password backend, the password is stored as a hashed value in authentik. Toggle off (default setting) if you do not want to store the hashed passwords in authentik.
-
Sync users: Enable or disable user synchronization between authentik and the LDAP source.
-
User password writeback: Enable this option if you want to write password changes that are made in authentik back to LDAP.
-
Sync groups: Enable/disable group synchronization. Groups are synced in the background every 5 minutes.
-
Parent group: Optionally set this group as the parent group for all synced groups. An example use case of this would be to import Active Directory groups under a root
imported-from-ad
group.