Updated LDAP AD Simple Auth (markdown)

LDAP-AD-Simple-Auth.md

@@ -2,34 +2,6 @@
 
 When enabled, LDAP_BASEDN is not needed. Example: true
 
-## Snap
-
-Wekan, enable:
-```
-sudo snap set wekan ldap-ad-simple-auth='true'
-
-sudo snap set wekan ldap-user-authentication='true'
-```
-Wekan, disable:
-```
-sudo snap unset wekan ldap-ad-simple-auth
-
-sudo snap unset wekan ldap-user-authentication
-```
-
-Wekan Gantt GPL, enable:
-```
-sudo snap set wekan-gantt-gpl ldap-ad-simple-auth='true'
-
-sudo snap set wekan-gantt-gpl ldap-user-authentication='true'
-```
-Wekan Gantt GPL, disable:
-```
-sudo snap unset wekan-gantt-gpl ldap-ad-simple-auth
-
-sudo snap unset wekan-gantt-gpl ldap-user-authentication
-```
-
 ## Docker
 
 Uncomment settings lines this wasy at [docker-compose.yml](https://github.com/wekan/wekan/blob/master/docker-compose.yml) to enable:
@@ -39,16 +11,76 @@ Uncomment settings lines this wasy at [docker-compose.yml](https://github.com/we
       #
       # Set to true, if you want to connect with Active Directory by Simple Authentication.
       # When using AD Simple Auth, LDAP_BASEDN is not needed.
-      - LDAP_AD_SIMPLE_AUTH=true
+      #- LDAP_AD_SIMPLE_AUTH=true
       #
       # Option to login to the LDAP server with the user's own username and password, instead of
       # an administrator key. Default: false (use administrator key). When using AD Simple Auth, set to true.
       # Set to true, if the login user is used for binding. Used with AD Simple Auth.
       # When using AD Simple Auth, LDAP_BASEDN is not needed.
-      - LDAP_USER_AUTHENTICATION=true
+      #- LDAP_USER_AUTHENTICATION=true
       #
       # Which field is used to find the user for the user authentication. Default: uid.
-      - LDAP_USER_AUTHENTICATION_FIELD=uid
+      #- LDAP_USER_AUTHENTICATION_FIELD=uid
+      #
+      #
+      # === LDAP Default Domain: 2 different use cases, a/b ===
+      #
+      # a) The default domain of the ldap it is used to create email if the field is not map correctly with the LDAP_SYNC_USER_DATA_FIELDMAP
+      #
+      # b) In case AD SimpleAuth is configured, the default domain is appended to the given loginname for creating the correct username for the bind request to AD.
+      #
+      # Example :
+      #- LDAP_DEFAULT_DOMAIN=mydomain.com
+      #
+      # === LDAP Sync other settings ===
+      #
+      #- LDAP_SYNC_USER_DATA=false
+      #
+      #- LDAP_SYNC_USER_DATA_FIELDMAP={"cn":"name", "mail":"email"}
+      #
+      #- LDAP_SYNC_GROUP_ROLES=
+      #
+      # Enable/Disable syncing of admin status based on ldap groups:
+      #- LDAP_SYNC_ADMIN_STATUS=true
+      #
+      # Comma separated list of admin group names to sync.
+      #- LDAP_SYNC_ADMIN_GROUPS=group1,group2
       #
       #-----------------------------------------------------------------
 ```
+
+## Snap
+
+Wekan, enable:
+```
+sudo snap set wekan ldap-ad-simple-auth='true'
+
+sudo snap set wekan ldap-user-authentication='true'
+
+sudo snap set wekan ldap-default-domain='mydomain.com'
+```
+Wekan, disable:
+```
+sudo snap unset wekan ldap-ad-simple-auth
+
+sudo snap unset wekan ldap-user-authentication
+
+sudo snap unset wekan ldap-default-domain
+```
+
+Wekan Gantt GPL, enable:
+```
+sudo snap set wekan-gantt-gpl ldap-ad-simple-auth='true'
+
+sudo snap set wekan-gantt-gpl ldap-user-authentication='true'
+
+sudo snap set wekan-gantt-gpl ldap-default-domain='mydomain.com'
+```
+Wekan Gantt GPL, disable:
+```
+sudo snap unset wekan-gantt-gpl ldap-ad-simple-auth
+
+sudo snap unset wekan-gantt-gpl ldap-user-authentication
+
+sudo snap set wekan-gantt-gpl ldap-default-domain
+```