From b6e6269956f5e10f25c1b81f585378bbcc4e13fe Mon Sep 17 00:00:00 2001 From: Haoyu Xu Date: Mon, 25 Dec 2023 12:48:07 -0500 Subject: [PATCH] example_configs: make the zitadel doc more comprehensive fixed `Userbase` attribute; added `Preferred username attribute`; added `Automatic creation` --- example_configs/zitadel.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/example_configs/zitadel.md b/example_configs/zitadel.md index e5146b9..41c91cd 100644 --- a/example_configs/zitadel.md +++ b/example_configs/zitadel.md @@ -4,8 +4,9 @@ In Zitadel, go to `Instance > Settings` for instance-wide LDAP setup or `:` or `ldap://:` @@ -14,9 +15,9 @@ Replace every instance of `dc=example,dc=com` with your configured domain. * Bind Password: `` ### User binding -* Userbase: `ou=people,dc=example,dc=com` +* Userbase: `dn` * User filters: `uid`. `mail` will not work. -* User Object Classes: `inetOrgPerson` +* User Object Classes: `person` ### LDAP Attributes * ID attribute: `uid` @@ -24,6 +25,7 @@ Replace every instance of `dc=example,dc=com` with your configured domain. * Email attribute: `mail` * Given name attribute: `givenName` * Family name attribute: `lastName` +* Preferred username attribute: `uid` ### optional The following section applied to `Zitadel` only, nothing will change on `LLDAP` side. 
@@ -36,6 +38,8 @@ The following section applied to `Zitadel` only, nothing will change on `LLDAP` **DO NOT** enable `Automatic update` if you haven't setup a smtp server. Zitadel will update account's email and sent a verification code to verify the address. If you don't have a smtp server setup correctly and the email adress of `ZITADEL Admin` is changed, you are **permanently** locked out. +`Automatic creation` can automatically create a new account without user interaction when `Given name attribute`, `Family name attribute`, `Email attribute`, and `Preferred username attribute` are presented. + ## Enable Identity Provider After clicking `Save`, you will be redirected to `Identity Providers` page.
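Review bot: In the `### User binding` hunk, `Userbase` changes from a directory path (`ou=people,dc=example,dc=com`) to the bare value `dn`, and the doc does not say what kind of value the field expects. The unchanged instruction above it, "Replace every instance of `dc=example,dc=com` with your configured domain", primes readers to expect a path here, so a half-sentence on what `dn` means in this field would stop them from reverting it. The same hunk also swaps `User Object Classes` from `inetOrgPerson` to `person`, which the commit message does not mention. In the standard LDAP schema `person` is a superclass of `inetOrgPerson`, so this widens the set of entries that can match. Please state in the commit message or the doc why the broader class is needed, especially since this patch also documents `Automatic creation`.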
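Review bot: The `Automatic creation` sentence added in the last hunk says which attributes must be filled but not who ends up with an account. As written, it reads as if any directory entry that matches the user binding and carries those four attributes gets a Zitadel account with no admin step. If that is the behaviour, say so explicitly so operators can decide whether to enable it. The sentence sits directly under the `Automatic update` lockout warning, so it should also say whether `Automatic creation` depends on a working SMTP server; otherwise readers will assume the warning either applies or does not. Minor wording: "are presented" should be "are present".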