+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+---- Forum: Networking & Access (https://forum.jellyfin.org/f-networking-access)
+---- Thread: Problems detecting and authenticating LDAP Users (/t-problems-detecting-and-authenticating-ldap-users)
Problems detecting and authenticating LDAP Users - browbeat7900 - 2024-10-07
Hello all!
I've recently changed my jellyfin server setup to be running in a docker container on my home server which is connected to a cloud server that handles reverse proxy and VPN tunneling for network security. I have authentik running in a container on the cloud server and when running connection tests with a service account set up for Jellyfin I have no problem connecting to the server, but when searching for new users that I have created in authentik, they are never detected. Further, I have heard of a workaround where users are first created in Jellyfin, given a blank password, and then created in authentik with the same username and a unique password. However, when trying this I am never prompted for the LDAP login.
I was following a tutorial on connecting Authentik to Jellyfin shown here but I was experiencing the same sort of User detection errors. I then went through forums and found this article where users talked about needing to set higher permissions for bind users so that it could search directories. I also noted that the process for creating the service account was somewhat out of date and authentik has a dedicated process for creating service accounts which I used after deleting the previous service account created when following the tutorial. I then gave the account permissions to search the directory but still had issues. I then saw that the JellyfinUsers and JellyfinAdmins groups I had created were not bound to my LDAP provider, something that had never been mentioned but I bound them anyway to my LDAP provider in authentik. I gave the service account maximum permissions in every way that I could however it still cannot find the users I create and put into the JellyfinUsers group.
When saving and testing the LDAP server settings on the Jellyfin plugin side I get the message " Connect (Success); Bind (Success); Base Search (Found 25 Entities)"
Originally I had the user search filter set to (&(objectClass=user)(memberOf=cn=jellyfin_users,ou=groups,dc=company,dc=com,dc=ldap,dc=goauthentik,dc=io))" as this matched the documentation for jellyfin and authentik but I couldn't detect users. Even using the basic user filter "objectClass = user" Jellyfin still doesn't detect any users I keep getting " Found 0 user(s), 1 admin(s), Warning: Not all Admins are Users " which is especially weird since I don't have any admins created in authentik.
Can anyone here help me with this? Or would it be better for me to ask somewhere else? I've looked through all jellyfin and authentik documentation related to this trying to solve the issue and there's very few forum posts about this topic and none have helped. Any help is appreciated as I am really at a loss for what to do.
RE: Problems detecting and authenticating LDAP Users - TheDreadPirate - 2024-10-08
There is a guide someone wrote in the walkthrough sub-forum.
https://forum.jellyfin.org/t-jellyfin-authentik-duo-2fa-solution-tutorial
Check it out and see if it helps figure out what you may have missed.