Skip to content

Commit e4673d5

Browse files
jrodewigjrodewig
committed
[DOCS] Standardize docs for url setting (#41117)
1 parent 6496df6 commit e4673d5

File tree

1 file changed

+19
-9
lines changed

1 file changed

+19
-9
lines changed

docs/reference/settings/security-settings.asciidoc

Lines changed: 19 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -285,10 +285,13 @@ Defaults to `true`.
285285
The `type` setting must be set to `ldap`. In addition to the
286286
<<ref-realm-settings>>, you can specify the following settings:
287287

288-
`url`:: Specifies one or more LDAP URLs in the format
289-
`ldap[s]://<server>:<port>`. Multiple URLs can be defined using a comma
290-
separated value or array syntax: `[ "ldaps://server1:636", "ldaps://server2:636" ]`.
291-
`ldaps` and `ldap` URL protocols cannot be mixed in the same realm. Required.
288+
`url`::
289+
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Required.
290+
+
291+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
292+
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
293+
+
294+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
292295

293296
`load_balance.type`::
294297
The behavior to use when there are multiple LDAP URLs defined. For supported
@@ -555,11 +558,18 @@ The `type` setting must be set to `active_directory`. In addition to the
555558
the following settings:
556559

557560
`url`::
558-
An LDAP URL of the form `ldap[s]://<server>:<port>`. {es} attempts to
559-
authenticate against this URL. If the URL is not specified, it is derived from
560-
the `domain_name` setting and assumes an unencrypted connection to port 389.
561-
Defaults to `ldap://<domain_name>:389`. This setting is required when connecting
562-
using SSL/TLS or when using a custom port.
561+
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Defaults to
562+
`ldap://<domain_name>:389`. This setting is required when connecting using
563+
SSL/TLS or when using a custom port.
564+
+
565+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
566+
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
567+
+
568+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
569+
+
570+
If no URL is provided, {es} uses a default of `ldap://<domain_name>:389`. This
571+
default uses the `domain_name` setting value and assumes an unencrypted
572+
connection to port 389.
563573

564574
`load_balance.type`::
565575
The behavior to use when there are multiple LDAP URLs defined. For supported

0 commit comments

Comments
 (0)