Support LDAP method start_tls

1 files changed, 10 insertions, 2 deletions

diff --git a/docs/config.md b/docs/config.md
index 8d6770959..7052b1eb4 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -329,13 +329,21 @@ config :auto_linker,
 
 ## :ldap
 
+Use LDAP for user authentication.  When a user logs in to the Pleroma
+instance, the name and password will be verified by trying to authenticate
+(bind) to an LDAP server.  If a user exists in the LDAP directory but there
+is no account with the same name yet on the Pleroma instance then a new
+Pleroma account will be created with the same name as the LDAP user name.
+
 * `enabled`: enables LDAP authentication
 * `host`: LDAP server hostname
 * `port`: LDAP port, e.g. 389 or 636
-* `ssl`: true to use SSL
+* `ssl`: true to use SSL, usually implies the port 636
 * `sslopts`: additional SSL options
+* `tls`: true to start TLS, usually implies the port 389
+* `tlsopts`: additional TLS options
 * `base`: LDAP base, e.g. "dc=example,dc=com"
-* `uid`: attribute type to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
+* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
 
 ## Pleroma.Web.Auth.Authenticator