diff --git a/Client/main.py b/Client/main.py index 29cc79b..b3b048d 100644 --- a/Client/main.py +++ b/Client/main.py @@ -7,7 +7,7 @@ from mfrc522 import MFRC522 from ssd1306 import SSD1306_I2C # Global variables -DOOR_ID = 1 +DOOR_ID = '[Your door ID]' WLAN_SSID = '[Your SSID]' WLAN_PASS = '[Your password]' SERVER_IP = '[Your server IP]' diff --git a/Docs/Schematics/Reader_circuit.fzz b/Docs/Schematics/Reader_circuit.fzz new file mode 100644 index 0000000..7931817 Binary files /dev/null and b/Docs/Schematics/Reader_circuit.fzz differ diff --git a/Docs/Schematics/Reader_circuit.png b/Docs/Schematics/Reader_circuit.png new file mode 100644 index 0000000..77398e0 Binary files /dev/null and b/Docs/Schematics/Reader_circuit.png differ diff --git a/Docs/reader.md b/Docs/reader.md new file mode 100644 index 0000000..31dfe11 --- /dev/null +++ b/Docs/reader.md @@ -0,0 +1,40 @@ +# Build the reader + +## Ingredients +To build the reader you'll need : +- A Raspeberry pi pico +- A RC522 RFID reader card +- A SSD1306 OLED display +- A Green led with its resistor +- A Red led with its resistor +- A systeme to open a door +- Some cables and a breadboard for prototyping +- A cable to connect your computer to the Pi Pico +- Thonny installed on your computer. +- The content of the [Client folder](../Client/) + +## Assemble the components +Now you can assemble the parts using the schemas. +You can plug you openning relays at the same PIN as the green LED. + + +![reader schema](./Schematics/Reader_circuit.png) + +## Program the Pi Pico + +You can follow this guide from the raspebery py blog to initialize your Pi Pico +➡️[Here it is](https://projects.raspberrypi.org/en/projects/get-started-pico-w/1) +⚠️ I cannot guarantee the accuracy of the information contained in this guide. ⚠️ + +Now that you Pi Pico is fully operationnal, you can upload the content of the [Client folder](../Client/) to it. + +⚠️ Don't forget to change those variable at the beginning of [main.py](../Client/main.py) +⚠️ The WIFI network **MUST** be available in 2.4 Ghz +``` python +# Global variables +DOOR_ID = '[Your door ID]' +WLAN_SSID = '[Your SSID]' +WLAN_PASS = '[Your password]' +SERVER_IP = '[Your server IP]' +``` + diff --git a/Docs/server.md b/Docs/server.md new file mode 100644 index 0000000..1aa1384 --- /dev/null +++ b/Docs/server.md @@ -0,0 +1,55 @@ +# Server install + +## 1. Modify the LDAP Schema + +To add the `rFIDUID` attribute to your LDAP schema, follow these steps: + +### Open PowerShell as Administrator + +1. **Open PowerShell as Administrator**: This is required to make changes to the LDAP schema. + +### Add the `rFIDUID` Attribute + +2. **Add the `rFIDUID` Attribute**: Use the following PowerShell commands to add the `rFIDUID` attribute to the LDAP schema. + + ```powershell + Import-Module ActiveDirectory + + # Define the new attribute + $attribute = New-Object PSObject -Property @{ + lDAPDisplayName = "rFIDUID" + adminDescription = "RFID UID" + attributeSyntax = "2.5.5.12" + oMSyntax = 64 + isSingleValued = $true + } + + # Add the new attribute to the schema + New-ADObject -Name "rFIDUID" -Type "attributeSchema" -OtherAttributes $attribute + +3. **Add the Attribute to a Class**: Update the user class to include the `rFIDUID` attribute. + ```powershell + # Find the user class + $userClass = Get-ADObject -LDAPFilter "(cn=user)" -SearchBase "CN=Schema,CN=Configuration,DC=ad,DC=bts,DC=com" -SearchScope Base + + # Add the new attribute to the user class + Set-ADObject -Identity $userClass -Add @{mayContain="rFIDUID"} + ``` + +## 2. Create an LDAP User for Sync +Create a dedicated LDAP user for synchronizing data: +⚠️ Do not forget to replace the domain by yours and the password by a strong one. +```powershell + New-ADUser -Name "RO.RF-AD" ` + -GivenName "ReadOnly" ` + -Surname "AD" ` + -UserPrincipalName "RO.RF-AD@your-domain.com" ` + -Path "OU=Users,DC=your-domain,DC=com" ` + -AccountPassword (ConvertTo-SecureString -AsPlainText "[YOUR PASSWORD]" -Force) ` + -Enabled $true + + # Grant read permissions + $ldapUser = Get-ADUser -Identity "RO.RF-AD" + Add-ADPermission -Identity "OU=Users,DC=your-domain,DC=com" -User $ldapUser -AccessRights ReadProperty + ``` + diff --git a/Docs/usage.md b/Docs/usage.md new file mode 100644 index 0000000..d4636ca --- /dev/null +++ b/Docs/usage.md @@ -0,0 +1 @@ +# How to use \ No newline at end of file diff --git a/README.md b/README.md index 37731cb..41da1e2 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,27 @@ # RF-AD -Simple RFID access control system linked to AD + +This project implements an access control system using LDAP and SQLite. It includes a web interface for managing doors and users, as well as a web API for validating RFID tags. +It was developped for the final project of my BTS SNIR (French for an IT and electronics Degree). + +## Prerequisites + +- Docker ➡️ [Official Guide to install docker](https://docs.docker.com/engine/install/) +- Fully installed AD ➡️ [Here is a guide](https://www.easeus.com/todo-backup-guide/how-to-install-active-directory-on-windows-server-2022.html) +⚠️ I cannot guarantee the accuracy of the information contained in this guide. ⚠️ + + +## Setup Instructions + +### 1. Build the reader +➡️ [Here is the guide](./Docs/reader.md) + +### 2. Install the server +➡️ [Here is the guide](./Docs/server.md) + +### 3. How to use +➡️ [Here is the guide](./Docs/usage.md) + +## Licence + +This project is licensed under the MIT [License](./LICENSE). See the LICENSE file for details.