Clarify binding options and remove mention of deny_null_bind #1337
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
Vercel Previews Deployed
|
schavis
requested changes
Nov 18, 2025
| In order for `userfilter` to apply for authenticated searches, `binddn` and `bindpass` must be set. | ||
| For anonymous search, `discoverdn` must be set to `true`, and `deny_null_bind` must be set to false. | ||
| The LDAP auth method supports the following methods for resolving the user object used to authenticate the end user: | ||
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: |
Contributor
There was a problem hiding this comment.
Suggested change
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: | |
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. You can search in two ways: |
Style correction: avoid "this" as a pronoun
| In order for `userfilter` to apply for authenticated searches, `binddn` and `bindpass` must be set. | ||
| For anonymous search, `discoverdn` must be set to `true`, and `deny_null_bind` must be set to false. | ||
| The LDAP auth method supports the following methods for resolving the user object used to authenticate the end user: | ||
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: |
Contributor
There was a problem hiding this comment.
Suggested change
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: | |
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. You can search in two ways: |
Edited to match
| In order for `userfilter` to apply for authenticated searches, `binddn` and `bindpass` must be set. | ||
| For anonymous search, `discoverdn` must be set to `true`, and `deny_null_bind` must be set to false. | ||
| The LDAP auth method supports the following methods for resolving the user object used to authenticate the end user: | ||
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: |
Contributor
There was a problem hiding this comment.
Suggested change
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: | |
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. You can search in two ways: |
Edited to match
| In order for `userfilter` to apply for authenticated searches, `binddn` and `bindpass` must be set. | ||
| For anonymous search, `discoverdn` must be set to `true`, and `deny_null_bind` must be set to false. | ||
| The LDAP auth method supports the following methods for resolving the user object used to authenticate the end user: | ||
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: |
Contributor
There was a problem hiding this comment.
Suggested change
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. This search can performed in one of two ways: | |
| - **Search** - Searches the LDAP server directory for the user object based on the provided username. You can search in two ways: |
Edited to match
Contributor
Broken Link CheckerNo broken links found! 🎉 |
Co-authored-by: Sarah Chavis <[email protected]>
schavis
approved these changes
Nov 18, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The LDAP auth method docs were erroneously stating anonymous search required the
deny_null_bindparameter to be set to false. This PR removes mention of this parameter and clarifies the options for resolving the DN of the login user.