diff options
| author | Yannick Bungers | 2021-01-05 17:27:24 +0100 |
|---|---|---|
| committer | GitHub | 2021-01-05 17:27:24 +0100 |
| commit | 73d237165ea8fe411b764e5b5d1a2f51a2e02a0b (patch) | |
| tree | 851df47886b64ac3c37ab6b809f300cd0dd99c0a /docs/guides/auth/ldap-ad.md | |
| parent | d52d1d255a876fcf937c9df3717f6df9b745ad22 (diff) | |
| parent | d39c7deb32044a4a34e9c158f168070181b8ae9f (diff) | |
Merge pull request #656 from hedgedoc/docs/move-content
Move docs into subdirectory to make structor work
Diffstat (limited to 'docs/guides/auth/ldap-ad.md')
| -rw-r--r-- | docs/guides/auth/ldap-ad.md | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/docs/guides/auth/ldap-ad.md b/docs/guides/auth/ldap-ad.md deleted file mode 100644 index b7d0284e..00000000 --- a/docs/guides/auth/ldap-ad.md +++ /dev/null @@ -1,38 +0,0 @@ -# AD LDAP auth - -To setup your HedgeDoc instance with Active Directory you need the following configs: - -```env -CMD_LDAP_URL=ldap://internal.example.com -CMD_LDAP_BINDDN=cn=binduser,cn=Users,dc=internal,dc=example,dc=com -CMD_LDAP_BINDCREDENTIALS=<super secret password> -CMD_LDAP_SEARCHBASE=dc=internal,dc=example,dc=com -CMD_LDAP_SEARCHFILTER=(&(objectcategory=person)(objectclass=user)(|(sAMAccountName={{username}})(mail={{username}}))) -CMD_LDAP_USERIDFIELD=sAMAccountName -CMD_LDAP_PROVIDERNAME=Example Inc AD -``` - -`CMD_LDAP_BINDDN` is either the `distinguishedName` or the `userPrincipalName`. *This can cause "username/password is invalid" when either this value or the password from `CMD_LDAP_BINDCREDENTIALS` are incorrect.* - -`CMD_LDAP_SEARCHFILTER` matches on all users and uses either the email address or the `sAMAccountName` (usually the login name you also use to login to Windows). - -*Only using `sAMAccountName` looks like this:* `(&(objectcategory=person)(objectclass=user)(sAMAccountName={{username}}))` - -`CMD_LDAP_USERIDFIELD` says we want to use `sAMAccountName` as unique identifier for the account itself. - -`CMD_LDAP_PROVIDERNAME` just the name written above the username and password field on the login page. - -Same in json: - -```json -"ldap": { - "url": "ldap://internal.example.com", - "bindDn": "cn=binduser,cn=Users,dc=internal,dc=example,dc=com", - "bindCredentials": "<super secret password>", - "searchBase": "dc=internal,dc=example,dc=com", - "searchFilter": "(&(objectcategory=person)(objectclass=user)(|(sAMAccountName={{username}})(mail={{username}})))", - "useridField": "sAMAccountName", -}, -``` - -More details and example: <https://www.npmjs.com/package/passport-ldapauth> |