Skip to content

Commit 47d9ad7

Browse files
jrodewigjrodewig
committed
[DOCS] Standardize docs for url setting (#41117)
1 parent 712bfbb commit 47d9ad7

File tree

1 file changed

+19
-9
lines changed

1 file changed

+19
-9
lines changed

docs/reference/settings/security-settings.asciidoc

Lines changed: 19 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -255,10 +255,13 @@ Defaults to `true`.
255255
The `type` setting must be set to `ldap`. In addition to the
256256
<<ref-realm-settings>>, you can specify the following settings:
257257

258-
`url`:: Specifies one or more LDAP URLs in the format
259-
`ldap[s]://<server>:<port>`. Multiple URLs can be defined using a comma
260-
separated value or array syntax: `[ "ldaps://server1:636", "ldaps://server2:636" ]`.
261-
`ldaps` and `ldap` URL protocols cannot be mixed in the same realm. Required.
258+
`url`::
259+
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Required.
260+
+
261+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
262+
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
263+
+
264+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
262265

263266
`load_balance.type`::
264267
The behavior to use when there are multiple LDAP URLs defined. For supported
@@ -525,11 +528,18 @@ The `type` setting must be set to `active_directory`. In addition to the
525528
the following settings:
526529

527530
`url`::
528-
An LDAP URL of the form `ldap[s]://<server>:<port>`. {es} attempts to
529-
authenticate against this URL. If the URL is not specified, it is derived from
530-
the `domain_name` setting and assumes an unencrypted connection to port 389.
531-
Defaults to `ldap://<domain_name>:389`. This setting is required when connecting
532-
using SSL/TLS or when using a custom port.
531+
One or more LDAP URLs in the `ldap[s]://<server>:<port>` format. Defaults to
532+
`ldap://<domain_name>:389`. This setting is required when connecting using
533+
SSL/TLS or when using a custom port.
534+
+
535+
To provide multiple URLs, use a YAML array (`["ldap://server1:636", "ldap://server2:636"]`)
536+
or comma-separated string (`"ldap://server1:636, ldap://server2:636"`).
537+
+
538+
While both are supported, you can't mix the `ldap` and `ldaps` protocols.
539+
+
540+
If no URL is provided, {es} uses a default of `ldap://<domain_name>:389`. This
541+
default uses the `domain_name` setting value and assumes an unencrypted
542+
connection to port 389.
533543

534544
`load_balance.type`::
535545
The behavior to use when there are multiple LDAP URLs defined. For supported

0 commit comments

Comments
 (0)