Commits

Peter Eisentraut committed 7eb559a

doc: Correct description of ldapurl

The ldapurl option doesn't actually support specifying a user name and
password.

Albe Laurenz

Comments (0)

Files changed (1)

doc/src/sgml/client-auth.sgml

        <term><literal>ldapurl</literal></term>
        <listitem>
         <para>
-         An RFC 4516 LDAP URL.  This is an alternative way to write most of the
+         An RFC 4516 LDAP URL.  This is an alternative way to write some of the
          other LDAP options in a more compact and standard form.  The format is
 <synopsis>
-ldap://[<replaceable>user</replaceable>[:<replaceable>password</replaceable>]@]<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
+ldap://<replaceable>host</replaceable>[:<replaceable>port</replaceable>]/<replaceable>basedn</replaceable>[?[<replaceable>attribute</replaceable>][?[<replaceable>scope</replaceable>]]]
 </synopsis>
          <replaceable>scope</replaceable> must be one
          of <literal>base</literal>, <literal>one</literal>, <literal>sub</literal>,
         </para>
 
         <para>
+         For non-anonymous binds, <literal>ldapbinddn</literal>
+         and <literal>ldapbindpasswd</literal> must be specified as separate
+         options.
+        </para>
+
+        <para>
          To use encrypted LDAP connections, the <literal>ldaptls</literal>
          option has to be used in addition to <literal>ldapurl</literal>.
          The <literal>ldaps</literal> URL scheme (direct SSL connection) is not