Merged
28 changes: 19 additions & 9 deletions docs/reference/settings/security-settings.asciidoc
@@ -278,10 +278,13 @@ Defaults to `true`.
The `type` setting must be set to `ldap`. In addition to the
<<ref-realm-settings>>, you can specify the following settings:

`url`:: Specifies one or more LDAP URLs in the format
`ldap[s]://<server>:<port>`. Multiple URLs can be defined using a comma
separated value or array syntax: `[ "ldaps://server1:636", "ldaps://server2:636" ]`.
`ldaps` and `ldap` URL protocols cannot be mixed in the same realm. Required.
`url`::
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Required.
+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
Contributor

The above is correct.

I do wonder whether the last sentence is too colloquial for non-native speakers, but I'll defer to the docs team on that.

Contributor Author

Thanks @tvernum. @debadair @lcawl let me know what you feel about the sentence @tvernum is referencing here:

While both are supported, you can't mix the `ldap` and `ldaps` protocols.

I think we're within style bounds here, but I'd appreciate any feedback. Thanks as always!


`load_balance.type`::
The behavior to use when there are multiple LDAP URLs defined. For supported
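
Review bot: The added examples in the `url` entry pair the plaintext `ldap` scheme with port 636 (`"ldap://server1:636"`), where the removed text used `ldaps://server1:636`. Port 636 is the conventional LDAPS port, so a reader who copies the example gets a scheme and port that disagree, and in a security settings reference the sample should show the encrypted form; suggest restoring `["ldaps://server1:636", "ldaps://server2:636"]` in both the array and the comma-separated example. Also, "While both are supported" directly follows the sentence about array versus string syntax, so "both" reads as referring to the two syntaxes rather than the two protocols; the removed wording (`ldaps` and `ldap` URL protocols cannot be mixed in the same realm) was unambiguous and kept the "in the same realm" scope, which is worth retaining.
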
@@ -547,11 +550,18 @@ The `type` setting must be set to `active_directory`. In addition to the
the following settings:

`url`::
An LDAP URL of the form `ldap[s]://<server>:<port>`. {es} attempts to
authenticate against this URL. If the URL is not specified, it is derived from
the `domain_name` setting and assumes an unencrypted connection to port 389.
Defaults to `ldap://<domain_name>:389`. This setting is required when connecting
using SSL/TLS or when using a custom port.
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Defaults to
`ldap://<domain_name>:389`. This setting is required when connecting using
SSL/TLS or when using a custom port.
+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
+
If no URL is provided, {es} uses a default of `ldap://<domain_name>:389`. This
default uses the `domain_name` setting value and assumes an unencrypted
connection to port 389.

`load_balance.type`::
The behavior to use when there are multiple LDAP URLs defined. For supported
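
Review bot: The default is stated twice in the added `url` text for the `active_directory` realm: "Defaults to `ldap://<domain_name>:389`" in the first paragraph and again in the closing "If no URL is provided, {es} uses a default of `ldap://<domain_name>:389`" paragraph. Suggest dropping the first mention and keeping the closing paragraph, which also carries the point that the default connection is unencrypted. The multi-URL examples here repeat `ldap://server1:636`, a plaintext scheme on the LDAPS port; coming right after the sentence that says the setting is required for SSL/TLS, `ldaps://server1:636` would be the consistent example.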