RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: fix tables (#2468) 

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
pull/2469/head
James Elliott 2021-10-08 11:32:57 +11:00 committed by GitHub
parent 4161fbd818
commit 183f0974ae
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/configuration/authentication/ldap.md
View File

@ -192,16 +192,16 @@ search.
#### Users filter replacements
|Placeholder |Phase |Replacement |
|:----------------------:|:-----:|:--------------------------------------------------------------:|
|{username_attribute} |startup|The [username attribute](#username_attribute) configured |
|{mail_attribute} |startup|The [mail attribute](#mail_attribute) configured |
|{display_name_attribute}|startup|The [display name attribute](#display_name_attribute) configured|
|{username_attribute} |startup|The configured username attribute |
|{mail_attribute} |startup|The configured mail attribute |
|{display_name_attribute}|startup|The configured display name attribute |
|{input} |search |The input into the username field |
#### Groups filter replacements
|Placeholder |Phase |Replacement |
|:----------------------:|:-----:|:-------------------------------------------------------------------------:|
|{input} |search |The input into the username field |
|{username} |search |The username from the profile lookup obtained from the [username attribute]|
|{username} |search |The username from the profile lookup obtained from the username attribute |
|{dn} |search |The distinguished name from the profile lookup |
### Defaults
@ -212,7 +212,7 @@ This table describes the attribute defaults for each implementation. i.e. the us
described by the Username column.
|Implementation |Username |Display Name|Mail |Group Name|
|:-------------:|:------------:|:----------:|:--:|:--------:|
|:-------------:|:------------:|:----------:|:---:|:--------:|
|custom |n/a |displayName |mail |cn |
|activedirectory|sAMAccountName|displayName |mail |cn |
@ -228,7 +228,6 @@ makes sure that value is not 0 which means the password requires changing at the
|custom |n/a |n/a |
|activedirectory|(&(&#124;({username_attribute}={input})({mail_attribute}={input}))(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(pwdLastSet=0)))|(&(member={dn})(objectClass=group)(objectCategory=group))|
_**Note:**_ The Active Directory filter `(sAMAccountType=805306368)` is exactly the same as
`(&(objectCategory=person)(objectClass=user))` except that the former is more performant, you can read more about this
and other Active Directory filters on the [TechNet wiki](https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx).
@ -265,5 +264,4 @@ In versions <= `4.24.0` not including the `username_attribute` placeholder will
and will result in session resets when the refresh interval has expired, default of 5 minutes.
[LDAP GeneralizedTime]: https://ldapwiki.com/wiki/GeneralizedTime
[username attribute]: #username_attribute
[TechNet wiki]: https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx