From: Derek Date: Tue, 25 Sep 2018 18:18:03 +0000 (-0700) Subject: corrected reference to AD common names X-Git-Url: http://source.bookstackapp.com/website/commitdiff_plain/dd55db52c1715168fe1daf5d7df9f044948d2f92 corrected reference to AD common names --- diff --git a/content/docs/admin/ldap-auth.md b/content/docs/admin/ldap-auth.md index 103c50e..1e867d7 100644 --- a/content/docs/admin/ldap-auth.md +++ b/content/docs/admin/ldap-auth.md @@ -60,7 +60,7 @@ LDAP_VERSION=3 ### LDAP Group Sync BookStack has the ability to sync LDAP user groups with BookStack roles. By default this will match LDAP group names with the BookStack role display names with casing ignored. -This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while LDAP authentication is enabled. This field can be populated with distinguished names (DNs) of accounts *or* groups. If filled, DNs in this field will be used and the role name will be ignored. You can match on multiple DNs by separating them with a comma. +This can be overridden by via the 'External Authentication IDs' field which can be seen when editing a role while LDAP authentication is enabled. This field can be populated with common names (CNs) of accounts *or* groups. If filled, CNs in this field will be used and the role name will be ignored. You can match on multiple CNs by separating them with a comma. This feature requires the LDAP server to be able to provide user groups when queried. This is enabled by default on ActiveDirectory via the 'memberOf' attribute but other LDAP systems may need to be configured to enable such functionality. If using OpenLDAP you'll need to setup the memberof overlay.