From f00657f217afb4e1da5b13e30866531d4cd69b0a Mon Sep 17 00:00:00 2001 From: Joseph Kavanagh Date: Thu, 5 May 2022 11:26:16 +0100 Subject: [PATCH] website/integrations: update opnsense integration guidance (#2808) * website/docs: update opnsense integration guidance * website/docs: remove `-user` opnsense integration --- website/integrations/services/opnsense/index.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/website/integrations/services/opnsense/index.md b/website/integrations/services/opnsense/index.md index efe5a680b..2d386e6e5 100644 --- a/website/integrations/services/opnsense/index.md +++ b/website/integrations/services/opnsense/index.md @@ -11,7 +11,7 @@ OPNsense is a free and Open-Source FreeBSD-based firewall and routing software. ::: :::note -This is based on authentik 2021.10.3 and OPNsense 21.7.4-amd64 installed using https://docs.opnsense.org/manual/install.html. Instructions may differ between versions. +This is based on authentik 2022.4.1 and OPNsense 22.1.6-amd64 installed using https://docs.opnsense.org/manual/install.html. Instructions may differ between versions. ::: ## Preparation @@ -19,14 +19,13 @@ This is based on authentik 2021.10.3 and OPNsense 21.7.4-amd64 installed using h The following placeholders will be used: - `authentik.company` is the FQDN of authentik. -- `opnsense-user` is the name of the authentik Service account we'll create. +- `opnsense` is the name of the authentik Service account we'll create. - `DC=ldap,DC=goauthentik,DC=io` is the Base DN of the LDAP Provider (default) ### Step 1 -In authentik, create a service account (under _Identity & Cryptography/Users_) for OPNsense to use as the LDAP Binder. - -In this example, we'll use `opnsense-user` as the Service account's username +In authentik, go and 'Create Service account' (under _Directory/Users_) for OPNsense to use as the LDAP Binder, leaving 'Create group' ticked as we'll need that group for the provider. +In this example, we'll use `opnsense` as the Service account's username :::note Take note of the password for this user as you'll need to give it to OPNsense in _Step 4_. @@ -34,7 +33,7 @@ Take note of the password for this user as you'll need to give it to OPNsense in ### Step 2 -In authentik, create an _LDAP Provider_ (under _Resources/Providers_) with these settings: +In authentik, create an _LDAP Provider_ (under _Applications/Providers_) with these settings: :::note Only settings that have been modified from default have been listed. @@ -42,11 +41,12 @@ Only settings that have been modified from default have been listed. **Protocol Settings** - Name: LDAP +- Search group: opnsense - Certificate: authentik Self-signed certificate ### Step 3 -In authentik, create an application (under _Resources/Applications_) which uses this provider. Optionally apply access restrictions to the application using policy bindings. +In authentik, create an application (under _Applications/Applications_) which uses this provider. Optionally apply access restrictions to the application using policy bindings. :::note Only settings that have been modified from default have been listed. @@ -58,7 +58,7 @@ Only settings that have been modified from default have been listed. ### Step 4 -In authentik, create an outpost (under _Outposts/Outposts_) of type `LDAP` that uses the LDAP Application you created in _Step 2_. +In authentik, create an outpost (under _Applications/Outposts_) of type `LDAP` that uses the LDAP Application you created in _Step 2_. :::note Only settings that have been modified from default have been listed.