aboutsummaryrefslogtreecommitdiff
path: root/doc/src
diff options
context:
space:
mode:
Diffstat (limited to 'doc/src')
-rw-r--r--doc/src/sgml/client-auth.sgml10
1 files changed, 8 insertions, 2 deletions
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 23c3223736a..d9d14955f0b 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1490,10 +1490,10 @@ omicron bryanh guest1
<term><literal>ldapurl</literal></term>
<listitem>
<para>
- An RFC 4516 LDAP URL. This is an alternative way to write most of the
+ An RFC 4516 LDAP URL. This is an alternative way to write some of the
other LDAP options in a more compact and standard form. The format is
<synopsis>
-ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
+ldap://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
</synopsis>
<replaceable>scope</replaceable> must be one
of <literal>base</literal>, <literal>one</literal>, <literal>sub</literal>,
@@ -1503,6 +1503,12 @@ ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<
</para>
<para>
+ For non-anonymous binds, <literal>ldapbinddn</literal>
+ and <literal>ldapbindpasswd</literal> must be specified as separate
+ options.
+ </para>
+
+ <para>
To use encrypted LDAP connections, the <literal>ldaptls</literal>
option has to be used in addition to <literal>ldapurl</literal>.
The <literal>ldaps</literal> URL scheme (direct SSL connection) is not
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-23 07:56:52 +0000