Jellyfin, Authentik, DUO. 2FA solution tutorial.

[Kein]

Good thought! Unfortunately didn't work. I tried 389 as well as the webUI port for the port, as well as trying the domain name for the server address. I suspect I've got some sort of issue with what I'm putting as the IP.

LDAP Outpost is my verified domain, auth.x.x
LDAP server in Jellyfin is server IP
Port I've tried 389 and my webUI port

I can see a container running the LDAP with 389 published. I tried the container IP address as well and that didn't work.

I had a similar issue when configuring and what I've done is to set the Provider Certificate as 'authentik Self-Signed Certificate' and then used port 636 for https and checked the Skip SSL/TLS Verification. For the IP just use your server's main IP. Also I preferred to use the tutorial available on the Authentik Jellyfin Configuration Guide with the steps available on Create an LDAP provider because I have a newer version of Authentik than what the OP mentioned and to verify the installation at the end I've used this line of code (for ubuntu):

Code:

ldapsearch \
-x \
-H ldap://xxx.xxx.xxx.xxx:389 \ #enter your own host IP address
-D "cn=ldapservice,ou=users,DC=ldap,DC=goauthentik,DC=io" \
-b 'DC=ldap,DC=goauthentik,DC=io' \
'(objectClass=user)' \
-W \ #enter the password for the ldapservice user

Hope this helps you out! Cheers!

[BourbonDoc]

I still don't really know for sure what my issue was, but a couple of things seemed to make it work. Created ldapsearch group, added service account to it, gave full search permissions, then restarted authentik and jellyfin. Also had "http://" in front of the server address at one point and that messed it up.

Didn't end up doing anything with the certificate as mine is behind Nginx Proxy Manager.

Some combination of these and completing a fresh install/config for the third time (but slower) made it work. I swear sometimes it feels like I just have to push the keys harder and it somehow works.

[peterninkenpoop]

While I am able to successfully connect Jellyfin to the LDAP server:

Code:

Connect (Success); Bind (Success); Base Search (Found 7 Entities)

I seem to be unable to find any users or admins:

Code:

Found 0 user(s), 0 admin(s)

I have gone over the LDAP search filter many times, but can't seem to find an error. Attached is a screenshot of my Jellyfin LDAP setup, should someone like to take a look.

---

edit:
Looking back through things, I noticed when I created the LDAP application provider and bound it to ldap-authentication-flow I was unable to assign a search group. The problem is, there is no option for me to do so.

---

solution:
The problem did in fact have to do with not having been able to assign the service account to the ldap-authentication-flow search group. On version 2024.8.3 of Authentik, this is now done after creating the LDAP application provider and going to the permissions tab and then Assign to a new user.

I'm stuck at this point too.  Where are you finding the permissions tab?