mirror of
https://github.com/lldap/lldap.git
synced 2026-04-26 00:36:01 +03:00
[GH-ISSUE #1167] Integrated LLDAP with Ubiquiti UDM Identity End Point - working on my UDM #416
Originally created by @sdelnevo on GitHub (May 7, 2025).
Original GitHub issue: https://github.com/lldap/lldap/issues/1167
Hi
I have managed to integrate your software with my Ubiquiti UDM Identity Endpoint, so I thought I would put the details up here in case another user wanted to do the same thing.
Below are the details I have entered into the UDM Pro's Admins and Users section, Directory Integration when enabling LDAP user sync
These settings allow you to add users into groups in your UDM based on user groups in the LLDAP server
change 10.128.20.3 to your lldap server IP address
change LDAP BIND User
change dc=domian,dc=com to your root DN
change the port to be either 6360 or 3830 as required
LDAP Server 10.128.20.3
Port 6360
Root DN - dc=domian,dc=com
Bind DN - uid=LDAP BIND User,ou=people,dc=domian,dc=com
Synced Scope - All
After entering the LLDAP service details click the settings tab (the cog icon in the top right of the LDAP screen) in the UDMs Identity Endpoint setup screen and in the LDAP configuration settings enter
LDAP Configuration
LDAP Version - OpenLDAP
Unique Identifier Attribute - entryUUID
User
User Search Base - ou=people,dc=domian,dc=com
User Object Class - person
User Object Filter - objectClass=person
Group
Group Search Base - ou=groups,dc=domian,dc=com
Group Object Class - groupOfUniqueNames
Group Object Filter - objectClass=groupOfUniqueNames
Member Attribute - member
Validate Attribute
Enter a user e-mail address who has been added in LLDAP, and click test configuration; the test should be successful.
Advanced
Delegated Authentication = true
Suspend user Sync Feature = True
You should now be able to go back to the top of the configuration and edit the group mapping
Sync Scope
Sync Scope - all
Group Mappings - Edit Rule
you can now select the required LLDAP group to sync with the UDM Identity group
As per the screen shot below
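
The search bases, filters and attributes from the post above can be checked against the LLDAP server from a shell before they are entered in the UDM. This is an added example, not part of the original issue: it assumes the OpenLDAP `ldapsearch` client is installed and that port 6360 is LLDAP's LDAPS listener, and the helper names `lldap_query`, `missing_attr` and `members_outside` are hypothetical.

```shell
# Added example, not from the original thread. Host, port, base DN and bind
# user are the placeholders used in the post; replace them with your own.
LLDAP_URI="ldaps://10.128.20.3:6360"   # assumption: 6360 is served over LDAPS
BASE_DN="dc=domian,dc=com"
BIND_DN="uid=LDAP BIND User,ou=people,${BASE_DN}"

# Run a search as the bind user. -W prompts for the password so it does not
# end up in shell history; ldif-wrap=no keeps each value on one line.
# $1 = search base, $2 = filter, remaining args = attributes to return
lldap_query() {
  base=$1; filter=$2; shift 2
  ldapsearch -x -LLL -o ldif-wrap=no -H "$LLDAP_URI" -D "$BIND_DN" -W \
    -b "$base" "$filter" "$@"
}

# Read LDIF on stdin and print the DN of every entry that lacks attribute $1
# (names compared case-insensitively). Exit status 1 if any entry lacks it.
missing_attr() {
  awk -v attr="$1" '
    BEGIN { RS = ""; FS = "\n"; want = tolower(attr) ":"; bad = 0 }
    {
      dn = ""; found = 0
      for (i = 1; i <= NF; i++) {
        line = tolower($i)
        if (index(line, "dn: ") == 1) dn = substr($i, 5)
        if (index(line, want) == 1) found = 1
      }
      if (dn != "" && !found) { print dn; bad = 1 }
    }
    END { exit bad }'
}

# Read group LDIF on stdin and print every member DN that is not under the
# user search base $1. Exit status 1 if any such member exists.
members_outside() {
  awk -v base="$1" '
    BEGIN { suffix = "," tolower(base); bad = 0 }
    tolower($0) ~ /^member: / {
      dn = substr($0, 9); v = tolower(dn)
      if (substr(v, length(v) - length(suffix) + 1) != suffix) { print dn; bad = 1 }
    }
    END { exit bad }'
}

# Usage against a live server:
#   lldap_query "ou=people,$BASE_DN" "(objectClass=person)" entryUUID | missing_attr entryUUID
#   lldap_query "ou=groups,$BASE_DN" "(objectClass=groupOfUniqueNames)" member | members_outside "ou=people,$BASE_DN"
```

Empty output from both pipelines means every user has the unique identifier attribute and every group member resolves inside the user search base, so the group mappings will only ever apply to synced users.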
@nitnelave commented on GitHub (May 7, 2025):
Thanks! Do you think you could turn that into a PR with a markdown guide?
@sdelnevo commented on GitHub (May 7, 2025):
Hi
I would love to, but I will be honest, it would be the first one that I would have ever done, so bear with me
I apologise well in advance if it all goes wrong lol
@nitnelave commented on GitHub (May 7, 2025):
Don't worry, you wouldn't be the first :)
Give a shout if you need help, either here or in our discord. (Though I won't be available until this weekend)
@sdelnevo commented on GitHub (May 9, 2025):
Hi
I have created the pull request
It's the first one I have ever done, so I apologise in advance if it's completely wrong
@nitnelave commented on GitHub (May 9, 2025):
Thanks! I added a few comments, but it's already very helpful :)
@sdelnevo commented on GitHub (May 19, 2025):
PR merged so closing this