Setting Up LDAP Authentication in Subsonic

Active Directory Setup

  1. Open Active Directory Users and Computers
  2. Expand the domain > Users
  3. Right Click Users > New > User
  4. Create a read only account to use for LDAP binding
    First Name: Read
    Last Name: Only
    User logon name: readonly_svc
  5. Click Next
  6. Set the user's password and confirm it
  7. Uncheck User must change password on next logon
  8. Check User cannot change password
  9. Check Password never expires
  10. Click Next
  11. Click Finish
  12. Right Click Users > New > Group
  13. Give the group a name and click OK
  14. Right Click the newly created group > Properties
  15. Select the Members tab > Click Add...
  16. Add users that will be allowed access to the web application
  17. Click OK

Configuring Subsonic

  1. Open a web browser and navigate to http://DNSorIP:Port
  2. Login with the Subsonic admin account (admin/admin by default)
  3. Select Settings > Advanced
  4. Check the Enable LDAP authentication box
  5. Fill out the LDAP setup fields below:
    LDAP URL: ldap://i12bretro.local:389/dc=i12bretro,dc=local
    LDAP search filter: (&(sAMAccountName={0})(&(objectCategory=user)(memberof=cn=Subsonic Users,CN=Users,dc=i12bretro,dc=local)))
    LDAP manager DN (Optional): i12bretro.local\readonly_svc
    Password: %readonly_svc password%
    Check the Automatically create users in Subsonic box
  6. Click the Save button
  7. Click Users in the top navigation
  8. Make sure the Select user dropdown says -- New user --
  9. Check all the boxes for the permissions you'd like the new user to have
  10. Set the username field
  11. Check the box to Authenticate user in LDAP
  12. Click the Save button
  13. Click Logout of admin from the left navigation
  14. Sign in with the active directory username and password