From 8374fd9a7edf1eb2009fe33222caed1d91ab1c1f Mon Sep 17 00:00:00 2001
From: Tomasz Durda <tomekdur@wp.pl>
Date: Mon, 8 Jun 2020 18:40:01 +0200
Subject: [PATCH] Added note over OpenLDAP

---
 LDAP.md | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/LDAP.md b/LDAP.md
index 66e1afa..7355c35 100644
--- a/LDAP.md
+++ b/LDAP.md
@@ -4,7 +4,9 @@ Custom values can be injected using environment variables, similar to the main c
 
 ## Override example
 
-Among others you can use *docker-compose.override.yml* to inject necessary variables. Example override file for Active Directory:
+Among others you can use *docker-compose.override.yml* to inject necessary variables. 
+
+### Example override file for Active Directory
 
 ```
 version: '3.4'
@@ -14,11 +16,36 @@ services:
     environment:
       AUTH_LDAP_SERVER_URI: "ldaps://domain.com"
       AUTH_LDAP_BIND_DN: "CN=Netbox,OU=EmbeddedDevices,OU=MyCompany,DC=domain,dc=com"
+      AUTH_LDAP_BIND_PASSWORD: "TopSecretPassword"
       AUTH_LDAP_USER_SEARCH_BASEDN: "OU=MyCompany,DC=domain,dc=com"
       AUTH_LDAP_GROUP_SEARCH_BASEDN: "OU=SubGroups,OU=MyCompany,DC=domain,dc=com"
       AUTH_LDAP_REQUIRE_GROUP_DN: "CN=Netbox-User,OU=SoftwareGroups,OU=SubGroups,OU=MyCompany,DC=domain,dc=com"
       AUTH_LDAP_IS_ADMIN_DN: "CN=Network Configuration Operators,CN=Builtin,DC=domain,dc=com"
       AUTH_LDAP_IS_SUPERUSER_DN: "CN=Domain Admins,CN=Users,DC=domain,dc=com"
+      LDAP_IGNORE_CERT_ERRORS: "false"
+```
+
+### Example override file for OpenLDAP
+
+**NOTE**: Currently, there are reported issues associated with OpenLDAP support
+
+```
+version: '3.4'
+services:
+  netbox:
+    image: netboxcommunity/netbox:${VERSION-latest-ldap}
+    environment:
+      AUTH_LDAP_SERVER_URI: "ldaps://domain.com"
+      AUTH_LDAP_BIND_DN: "cn=netbox,ou=services,dc=domain,dc=com"
       AUTH_LDAP_BIND_PASSWORD: "TopSecretPassword"
+      AUTH_LDAP_USER_SEARCH_BASEDN: "ou=people,dc=domain,dc=com"
+      AUTH_LDAP_GROUP_SEARCH_BASEDN: "ou=groups,dc=domain,dc=com"
+      AUTH_LDAP_REQUIRE_GROUP_DN: "cn=netbox" # or "cn=netbox,ou=groups,dc=domain,dc=com"
+      AUTH_LDAP_IS_ADMIN_DN: "cn=donkey,ou=people,dc=domain,dc=com"
+      AUTH_LDAP_IS_SUPERUSER_DN: "cn=shrek,ou=people,dc=domain,dc=com"
+      AUTH_LDAP_USER_SEARCH_ATTR = "cn"
+      AUTH_LDAP_GROUP_SEARCH_CLASS = "groupOfUniqueNames"
+      AUTH_LDAP_ATTR_LASTNAME = "sn"
+      AUTH_LDAP_ATTR_FIRSTNAME = "givenName"
       LDAP_IGNORE_CERT_ERRORS: "false"
 ```
\ No newline at end of file