From e222074758de0d964920a6a0b57bd37c2821ad9a Mon Sep 17 00:00:00 2001
From: Simo Sorce <idra@samba.org>
Date: Wed, 11 Apr 2007 21:50:59 +0000
Subject: [PATCH] Auth info for idmap_ldap net idmap

---
 docs/manpages-3/idmap_ldap.8.xml | 27 +++++++++++++++++++++++++++
 docs/manpages-3/net.8.xml        | 29 +++++++++++++++++++++++++++++
 2 files changed, 56 insertions(+)

diff --git a/docs/manpages-3/idmap_ldap.8.xml b/docs/manpages-3/idmap_ldap.8.xml
index 6794b49c797..173964f1694 100644
--- a/docs/manpages-3/idmap_ldap.8.xml
+++ b/docs/manpages-3/idmap_ldap.8.xml
@@ -37,6 +37,14 @@
 		</varlistentry>
 
 		<varlistentry>
+		<term>ldap_user_dn = DN</term>
+		<listitem><para>
+			Defines the user DN to be used for authentication. If absent an
+			anonymous bind will be performed.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
 		<term>ldap_url = ldap://server/</term>
 		<listitem><para>
 			Specifies the LDAP server to use when searching for existing 
@@ -73,6 +81,14 @@
 		</varlistentry>
 
 		<varlistentry>
+		<term>ldap_user_dn = DN</term>
+		<listitem><para>
+			Defines the user DN to be used for authentication. If absent an
+			anonymous bind will be performed.
+		</para></listitem>
+		</varlistentry>
+
+		<varlistentry>
 		<term>ldap_url = ldap://server/</term>
 		<listitem><para>
 			Specifies the LDAP server to which modify/add/delete requests should
@@ -121,6 +137,17 @@
 	</programlisting>
 </refsect1>
 
+<refsynopsisdiv>
+	<title>NOTE</title>
+
+	<para>In order to use authentication against ldap servers you may
+	need to provide a DN and a password. To avoid exposing the password
+	in plain text in the configuration file we store it into a security
+	store. The &quot;net idmap &quot; command is used to store a secret
+	for the DN specified in a specific idmap domain.
+	</para>
+</refsynopsisdiv>
+
 <refsect1>
 	<title>AUTHOR</title>
 
diff --git a/docs/manpages-3/net.8.xml b/docs/manpages-3/net.8.xml
index 0e08a8e9d3c..aaa5658d68b 100644
--- a/docs/manpages-3/net.8.xml
+++ b/docs/manpages-3/net.8.xml
@@ -1147,6 +1147,35 @@ and groups (Domain Users, Domain Admins, Domain Guests) on the ldap tree.
 </refsect2>
 
 <refsect2>
+<title>IDMAP DUMP &lt;output file&gt;</title>
+
+<para>
+Dumps the mappings in the specified output file.
+</para>
+
+</refsect2>
+
+<refsect2>
+<title>IDMAP RESTORE [input file]</title>
+
+<para>
+Restore the mappings from the specified file or stdin.
+</para>
+
+</refsect2>
+
+<refsect2>
+<title>IDMAP SECRET &lt;DOMAIN&gt;|ALLOC &lt;secret&gt;</title>
+
+<para>
+Store a secret for the sepcified domain, used primarily for domains
+that use idmap_ldap as a backend. In this case the secret is used
+as the password for the user DN used to bind to the ldap server.
+</para>
+
+</refsect2>
+
+<refsect2>
 <title>USERSHARE</title>
 
 <para>Starting with version 3.0.23, a Samba server now supports the ability for
-- 
2.11.4.GIT