From 5677ff798f6467c939341d4bd35713754fcc92d5 Mon Sep 17 00:00:00 2001 From: Charles van Niman Date: Thu, 31 Aug 2023 03:32:56 -0500 Subject: [PATCH] example_configs: add Pdns admin example --- README.md | 1 + example_configs/powerdns_admin.md | 39 +++++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) create mode 100644 example_configs/powerdns_admin.md diff --git a/README.md b/README.md index 94be328..fde8866 100644 --- a/README.md +++ b/README.md @@ -290,6 +290,7 @@ folder for help with: - [Nexus](example_configs/nexus.md) - [Organizr](example_configs/Organizr.md) - [Portainer](example_configs/portainer.md) +- [PowerDNS Admin](example_configs/powerdns_admin.md) - [Rancher](example_configs/rancher.md) - [Seafile](example_configs/seafile.md) - [Shaarli](example_configs/shaarli.md) diff --git a/example_configs/powerdns_admin.md b/example_configs/powerdns_admin.md new file mode 100644 index 0000000..6b1b2f5 --- /dev/null +++ b/example_configs/powerdns_admin.md 
@@ -0,0 +1,39 @@ +# Configuration for PowerDNS Admin + +## Navigate + +- Login to PowerDNS Admin +- Navigate to: `Administration > Settings > Authentication` +- Select the `LDAP` tab of the `Authentication Settings` + +## LDAP Config + +- Enable LDAP Authentication: Checked +- Type: OpenLDAP + +### Administrator Info + +- LDAP URI: `ldap://:3890` +- LDAP Base DN: `ou=people,dc=example,dc=com` +- LDAP admin username: `uid=admin,ou=people,dc=example,dc=com` + - It is recommended that you create a separate user account (e.g, `bind_user`) instead of `admin` for sharing Bind credentials with other services. The `bind_user` should be a member of the `lldap_strict_readonly` group to limit access to your LDAP configuration in LLDAP. +- LDAP admin password: password of the user specified above + +### Filters + +- Basic filter: `(objectClass=person)` +- Username field: `uid` +- Group filter: `(objectClass=groupOfUniqueNames)` +- Group name field: `member` + +### Group Security (Optional) + +> If Group Security is disabled, all users authenticated via LDAP will be given the "User" role. + +Group Security is an optional configuration for LLDAP users. It provides a simple 1:1 mapping between LDAP groups, and PowerDNS roles. + +- Status: On +- Admin group: `cn=dns_admin,ou=groups,dc=example,dc=com` +- Operator group: `cn=dns_operator,ou=groups,dc=example,dc=com` +- User group: `cn=dns_user,ou=groups,dc=example,dc=com` + \ No newline at end of file
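Review bot: In the "Administrator Info" section of example_configs/powerdns_admin.md, the LDAP URI is shown as `ldap://:3890`, with nothing between `//` and `:3890`, and the `ldap://` scheme means the bind password configured on the following lines is sent unencrypted. Suggest showing an explicit host placeholder there and adding a sentence telling readers to use an `ldaps://` URI when TLS is enabled on the LLDAP server, or to keep the connection on a trusted network otherwise. In the same section the example binds as `uid=admin,ou=people,dc=example,dc=com` while the sub-bullet recommends a separate `bind_user` in `lldap_strict_readonly`; using `uid=bind_user,ou=people,dc=example,dc=com` in the example itself would make the least-privilege account the value people copy. Minor: `e.g,` should read `e.g.,`, and the new file ends without a trailing newline.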