From e278d470232f4e8081bbbe358137400074673e75 Mon Sep 17 00:00:00 2001
From: link0ff <juri@linkov.net>
Date: Fri, 22 Feb 2019 15:03:43 +0200
Subject: OpenLDAP support

---
 docs/config.md | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'docs/config.md')

diff --git a/docs/config.md b/docs/config.md
index 14723b727..a497fb4ca 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -301,3 +301,12 @@ For each pool, the options are:
 * `max_connections` - how much connections a pool can hold
 * `timeout` - retention duration for connections
 
+## :ldap
+
+* `enabled`: enables LDAP authentication
+* `host`: LDAP server hostname
+* `port`: LDAP port, e.g. 389 or 636
+* `ssl`: true to use SSL
+* `sslopts`: additional SSL options
+* `base`: LDAP base, e.g. "dc=example,dc=com"
+* `uid`: attribute type to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
-- 
cgit v1.2.3


From 88a672fe88deae53d5459d651859be65555e6af2 Mon Sep 17 00:00:00 2001
From: link0ff <juri@linkov.net>
Date: Sun, 3 Mar 2019 21:20:36 +0200
Subject: Move LDAP code to LDAPAuthenticator.  Use Authenticator for
 token_exchange with grant_type as well

---
 docs/config.md | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'docs/config.md')

diff --git a/docs/config.md b/docs/config.md
index d7349d54f..8d6770959 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -336,3 +336,8 @@ config :auto_linker,
 * `sslopts`: additional SSL options
 * `base`: LDAP base, e.g. "dc=example,dc=com"
 * `uid`: attribute type to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
+
+## Pleroma.Web.Auth.Authenticator
+
+* `Pleroma.Web.Auth.PleromaAuthenticator`: default database authenticator
+* `Pleroma.Web.Auth.LDAPAuthenticator`: LDAP authentication
-- 
cgit v1.2.3


From 9338f061a303ae3d57a8ea1af524c2ca51929f8d Mon Sep 17 00:00:00 2001
From: link0ff <juri@linkov.net>
Date: Tue, 12 Mar 2019 18:20:02 +0200
Subject: Support LDAP method start_tls

---
 docs/config.md | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'docs/config.md')

diff --git a/docs/config.md b/docs/config.md
index 8d6770959..7052b1eb4 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -329,13 +329,21 @@ config :auto_linker,
 
 ## :ldap
 
+Use LDAP for user authentication.  When a user logs in to the Pleroma
+instance, the name and password will be verified by trying to authenticate
+(bind) to an LDAP server.  If a user exists in the LDAP directory but there
+is no account with the same name yet on the Pleroma instance then a new
+Pleroma account will be created with the same name as the LDAP user name.
+
 * `enabled`: enables LDAP authentication
 * `host`: LDAP server hostname
 * `port`: LDAP port, e.g. 389 or 636
-* `ssl`: true to use SSL
+* `ssl`: true to use SSL, usually implies the port 636
 * `sslopts`: additional SSL options
+* `tls`: true to start TLS, usually implies the port 389
+* `tlsopts`: additional TLS options
 * `base`: LDAP base, e.g. "dc=example,dc=com"
-* `uid`: attribute type to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
+* `uid`: LDAP attribute name to authenticate the user, e.g. when "cn", the filter will be "cn=username,base"
 
 ## Pleroma.Web.Auth.Authenticator
 
-- 
cgit v1.2.3