From 7eb559a86d773e0105ae5823e0c776c3af3c3fe2 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Mon, 31 Dec 2012 00:24:16 -0500
Subject: [PATCH] doc: Correct description of ldapurl
The ldapurl option doesn't actually support specifying a user name and
password.
Albe Laurenz
---
doc/src/sgml/client-auth.sgml | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 23c3223736..d9d14955f0 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1490,10 +1490,10 @@ omicron bryanh guest1
<term><literal>ldapurl</literal></term>
<listitem>
<para>
- An RFC 4516 LDAP URL. This is an alternative way to write most of the
+ An RFC 4516 LDAP URL. This is an alternative way to write some of the
other LDAP options in a more compact and standard form. The format is
<synopsis>
-ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
+ldap://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
</synopsis>
<replaceable>scope</replaceable> must be one
of <literal>base</literal>, <literal>one</literal>, <literal>sub</literal>,
@@ -1502,6 +1502,12 @@ ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<
not supported.
</para>
+ <para>
+ For non-anonymous binds, <literal>ldapbinddn</literal>
+ and <literal>ldapbindpasswd</literal> must be specified as separate
+ options.
+ </para>
+
<para>
To use encrypted LDAP connections, the <literal>ldaptls</literal>
option has to be used in addition to <literal>ldapurl</literal>.
--
2.40.0