From 276d58b84649dc99460730d4756ca37637a22a88 Mon Sep 17 00:00:00 2001 From: Lauri Ojansivu Date: Sat, 24 Jul 2021 19:11:55 +0300 Subject: [PATCH] Updated LDAP AD Simple Auth (markdown) --- LDAP-AD-Simple-Auth.md | 46 ++++++++++++++++++------------------------ 1 file changed, 20 insertions(+), 26 deletions(-) diff --git a/LDAP-AD-Simple-Auth.md b/LDAP-AD-Simple-Auth.md index 8d6b011..5c9f4f4 100644 --- a/LDAP-AD-Simple-Auth.md +++ b/LDAP-AD-Simple-Auth.md @@ -12,40 +12,34 @@ Uncomment settings lines this wasy at [docker-compose.yml](https://github.com/we # # Set to true, if you want to connect with Active Directory by Simple Authentication. # When using AD Simple Auth, LDAP_BASEDN is not needed. - - LDAP_AD_SIMPLE_AUTH=true # - # Option to login to the LDAP server with the user's own username and password, instead of - # an administrator key. Default: false (use administrator key). When using AD Simple Auth, set to true. - # Set to true, if the login user is used for binding. Used with AD Simple Auth. - # When using AD Simple Auth, LDAP_BASEDN is not needed. - - LDAP_USER_AUTHENTICATION=true + # Example: + #- LDAP_AD_SIMPLE_AUTH=true + # + # === LDAP User Authentication === + # + # a) Option to login to the LDAP server with the user's own username and password, instead of + # an administrator key. Default: false (use administrator key). + # + # b) When using AD Simple Auth, set to true, when login user is used for binding, + # and LDAP_BASEDN is not needed. + # + # Example: + #- LDAP_USER_AUTHENTICATION=true # # Which field is used to find the user for the user authentication. Default: uid. - - LDAP_USER_AUTHENTICATION_FIELD=uid + #- LDAP_USER_AUTHENTICATION_FIELD=uid # + # === LDAP Default Domain === # - # === LDAP Default Domain: 2 different use cases, a/b === + # a) In case AD SimpleAuth is configured, the default domain is appended to the given + # loginname for creating the correct username for the bind request to AD. # - # a) The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP - # - # b) In case AD SimpleAuth is configured, the default domain is appended to the given loginname for creating the correct username for the bind request to AD. + # b) The default domain of the ldap it is used to create email if the field is not map + # correctly with the LDAP_SYNC_USER_DATA_FIELDMAP # # Example : - - LDAP_DEFAULT_DOMAIN=mydomain.com - # - # === LDAP Sync other settings === - # - #- LDAP_SYNC_USER_DATA=false - # - #- LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"} - # - #- LDAP_SYNC_GROUP_ROLES= - # - # Enable/Disable syncing of admin status based on ldap groups: - #- LDAP_SYNC_ADMIN_STATUS=true - # - # Comma separated list of admin group names to sync. - #- LDAP_SYNC_ADMIN_GROUPS=group1,group2 + #- LDAP_DEFAULT_DOMAIN=mydomain.com # #----------------------------------------------------------------- ```