Setting Up LDAP Authentication in Subsonic 🌱

Active Directory Setup

1. Open Active Directory Users and Computers
2. Expand the domain > Users
3. Right Click Users > New > User
4. Create a read only account to use for LDAP binding
   First Name: Read
   Last Name: Only
   User logon name: readonly_svc
5. Click Next
6. Set the user's password and confirm it
7. Uncheck User must change password on next logon
8. Check User cannot change password
9. Check Password never expires
10. Click Next
11. Click Finish
12. Right Click Users > New > Group
13. Give the group a name and click OK
14. Right Click the newly created group > Properties
15. Select the Members tab > Click Add...
16. Add users that will be allowed access to the web application
17. Click OK

Configuring Subsonic

1. Open a web browser and navigate to http://DNSorIP:Port
2. Login with the Subsonic admin account (admin/admin by default)
3. Select Settings > Advanced
4. Check the Enable LDAP authentication box
5. Fill out the LDAP setup fields below:
   LDAP URL: ldap://i12bretro.local:389/dc=i12bretro,dc=local
   LDAP search filter: (&(sAMAccountName={0})(&(objectCategory=user)(memberof=cn=Subsonic Users,CN=Users,dc=i12bretro,dc=local)))
   LDAP manager DN (Optional): i12bretro.local\readonly_svc
   Password: %readonly_svc password%
   Check the Automatically create users in Subsonic box
6. Click the Save button
7. Click Users in the top navigation
8. Make sure the Select user dropdown says -- New user --
9. Check all the boxes for the permissions you'd like the new user to have
10. Set the username field
11. Check the box to Authenticate user in LDAP
12. Click the Save button
13. Click Logout of admin from the left navigation
14. Sign in with the active directory username and password