mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
docs: fix tables (#2468)
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
This commit is contained in:
parent
4161fbd818
commit
183f0974ae
|
@ -192,16 +192,16 @@ search.
|
|||
#### Users filter replacements
|
||||
|Placeholder |Phase |Replacement |
|
||||
|:----------------------:|:-----:|:--------------------------------------------------------------:|
|
||||
|{username_attribute} |startup|The [username attribute](#username_attribute) configured |
|
||||
|{mail_attribute} |startup|The [mail attribute](#mail_attribute) configured |
|
||||
|{display_name_attribute}|startup|The [display name attribute](#display_name_attribute) configured|
|
||||
|{username_attribute} |startup|The configured username attribute |
|
||||
|{mail_attribute} |startup|The configured mail attribute |
|
||||
|{display_name_attribute}|startup|The configured display name attribute |
|
||||
|{input} |search |The input into the username field |
|
||||
|
||||
#### Groups filter replacements
|
||||
|Placeholder |Phase |Replacement |
|
||||
|:----------------------:|:-----:|:-------------------------------------------------------------------------:|
|
||||
|{input} |search |The input into the username field |
|
||||
|{username} |search |The username from the profile lookup obtained from the [username attribute]|
|
||||
|{username} |search |The username from the profile lookup obtained from the username attribute |
|
||||
|{dn} |search |The distinguished name from the profile lookup |
|
||||
|
||||
### Defaults
|
||||
|
@ -211,10 +211,10 @@ The below tables describes the current attribute defaults for each implementatio
|
|||
This table describes the attribute defaults for each implementation. i.e. the username_attribute is
|
||||
described by the Username column.
|
||||
|
||||
|Implementation |Username |Display Name|Mail|Group Name|
|
||||
|:-------------:|:------------:|:----------:|:--:|:--------:|
|
||||
|custom |n/a |displayName |mail|cn |
|
||||
|activedirectory|sAMAccountName|displayName |mail|cn |
|
||||
|Implementation |Username |Display Name|Mail |Group Name|
|
||||
|:-------------:|:------------:|:----------:|:---:|:--------:|
|
||||
|custom |n/a |displayName |mail |cn |
|
||||
|activedirectory|sAMAccountName|displayName |mail |cn |
|
||||
|
||||
#### Filter defaults
|
||||
The filters are probably the most important part to get correct when setting up LDAP.
|
||||
|
@ -225,10 +225,9 @@ makes sure that value is not 0 which means the password requires changing at the
|
|||
|
||||
|Implementation |Users Filter |Groups Filter|
|
||||
|:-------------:|:------------:|:-----------:|
|
||||
|custom |n/a |n/a |
|
||||
|custom |n/a |n/a |
|
||||
|activedirectory|(&(|({username_attribute}={input})({mail_attribute}={input}))(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(!(pwdLastSet=0)))|(&(member={dn})(objectClass=group)(objectCategory=group))|
|
||||
|
||||
|
||||
_**Note:**_ The Active Directory filter `(sAMAccountType=805306368)` is exactly the same as
|
||||
`(&(objectCategory=person)(objectClass=user))` except that the former is more performant, you can read more about this
|
||||
and other Active Directory filters on the [TechNet wiki](https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx).
|
||||
|
@ -265,5 +264,4 @@ In versions <= `4.24.0` not including the `username_attribute` placeholder will
|
|||
and will result in session resets when the refresh interval has expired, default of 5 minutes.
|
||||
|
||||
[LDAP GeneralizedTime]: https://ldapwiki.com/wiki/GeneralizedTime
|
||||
[username attribute]: #username_attribute
|
||||
[TechNet wiki]: https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
|
Loading…
Reference in New Issue
Block a user