rustdesk/doc.rustdesk.com
1
0
Fork 0
mirror of https://github.com/rustdesk/doc.rustdesk.com.git synced 2026-04-07 08:16:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ce8d2b77cd0b4be12e52ba773ed0e313efc71c0d
doc.rustdesk.com/content/self-host/rustdesk-server-pro/ldap/_index.en.md
rustdesk 56cfd26e35 seo/geo
2026-03-20 18:42:55 +08:00

3.4 KiB
Raw Blame History

title, weight, description, keywords
title weight description keywords
LDAP 17 Configure LDAP authentication in RustDesk Server Pro by setting the server host, port, base DN, scope, and related directory mapping options.
rustdesk ldap
rustdesk server pro ldap
rustdesk ldap authentication
rustdesk base dn
rustdesk ldaps

Use this guide to connect RustDesk Server Pro to your LDAP directory for centralized authentication and user lookup.

What does LDAP do in RustDesk Server Pro?

LDAP lets RustDesk Server Pro authenticate users against your directory service instead of managing separate local credentials for every account. On first successful login, RustDesk creates the user automatically based on the LDAP identity.

LDAP setup checklist

  1. Identify your LDAP host, port, and encryption mode (389, 636, or StartTLS).
  2. Choose a service account with a valid Bind DN and password.
  3. Set the correct Base DN, scope, and user filter.
  4. Set the correct username attribute, such as uid or sAMAccountName.
  5. Test the configuration in the RustDesk web console before rolling it out.

LDAP quick answers

  • RustDesk creates the user on first successful LDAP login
  • The console validates the LDAP connection when you submit the configuration
  • Converting local users to LDAP users is not supported yet
  • LDAP groups are not supported yet

Configuration

Please go to LDAP settings page as below.

  • LDAP Host: This is the hostname or IP address of the LDAP server. For example, ldap.example.com or 192.0.2.1.

  • LDAP Port: This is the port number on which the LDAP server is listening. The default port for LDAP is 389, and for LDAPS (LDAP over SSL) it's 636.

  • Base DN: This is the starting point for the LDAP search. For example, dc=example,dc=com.

  • Scope: This determines the scope of the search in the LDAP directory. It can be one (The entries immediately below the base DN), or sub (The entries immediately below the base DN).

  • Bind DN / Password: The admin user name and password of your service account. This account is used to bind to LDAP to authenticate other users. It's often a user DN like cn=admin,dc=example,dc=com.

  • Filter: This is the search filter for the LDAP query. For example, (objectClass=person), or (&(age=28)(!(name=Bob))).

  • Username Attribute: This is the attribute which contains the username. For example, uid or sAMAccountName. By default, it uses uid and cn. Here is a discussion about this.

  • StartTLS: This determines whether to use StartTLS to upgrade the connection to a secure one.

  • NoTLSVerify: This determines whether to skip TLS certificate verification. It's recommended to leave this as false (i.e., perform certificate verification) unless you're sure about what you're doing.

How does it work?

  • How do LDAP logins work e.g. do I need to create a new user first, does RustDesk create a user on first login, etc?

    RustDesk create a user on first login

  • How do I check LDAP is working (ideally a command I can give to RustDesk to return the discovered users.)?

    When you submit the configuration, it will connect to your LDAP server with binddn/password you have given and verify if it works.

  • How do I change local users to LDAP users?

    Not yet

  • Does it support LDAP groups?

    Not yet