**Purpose**: LDAP settings are used in various services from privacyIDEA to Nextcloud. This will outline the basic parameters in my homelab that are necessary to make it function. | **Field** | **Value** | **Description** | | :--- | :--- | :--- | | Server Address(s) | `ldap://bunny-dc-01.bunny-lab.io` / `192.168.3.8`, `ldap://bunny-db-02.bunny.lab.io` / `192.168.3.9` | Domain Controllers | | Port | `389` | Unencrypted LDAP | | STARTTLS | `Disabled` | | | Base DN | `CN=Users,DC=bunny-lab,DC=io` | This is where users are pulled from | | User / Bind DN | `CN=Nicole Rappe,CN=Users,DC=bunny-lab,DC=io` | This is the domain admin used to connect to LDAP | | User / Bind Password | `` | Domain Credentials for Domain Admin account | | Login Attribute | ` LDAP Filter: (&(&(|(objectclass=person))(|(|(memberof=CN=Domain Users,CN=Users,DC=bunny-lab,DC=io)(primaryGroupID=513))))(samaccountname=%uid)) ` | Used by Nextcloud | | Login Attribute | `(sAMAccountName=*)(objectCategory=person)` | Used by PrivacyIDEA |