diff --git a/docs/installation_guide.md b/docs/installation_guide.md index edd4d6644..2672ae44a 100644 --- a/docs/installation_guide.md +++ b/docs/installation_guide.md @@ -94,7 +94,7 @@ may not be able to log in after the upgrade. * **ldap_basedn**: The base DN to look up a user, e.g. `ou=people,dc=mydomain,dc=com`. _Only used when **auth_mode** is set to *ldap_auth* ._ * **ldap_filter**:The search filter for looking up a user, e.g. `(objectClass=person)`. * **ldap_uid**: The attribute used to match a user during a LDAP search, it could be uid, cn, email or other attributes. -* **ldap_scope**: The scope to search for a user, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE. Default is 3. +* **ldap_scope**: The scope to search for a user, 0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE. Default is 2. * **self_registration**: (**on** or **off**. Default is **on**) Enable / Disable the ability for a user to register himself/herself. When disabled, new users can only be created by the Admin user, only an admin user can create new users in Harbor. _NOTE: When **auth_mode** is set to **ldap_auth**, self-registration feature is **always** disabled, and this flag is ignored._ * **token_expiration**: The expiration time (in minutes) of a token created by token service, default is 30 minutes. * **project_creation_restriction**: The flag to control what users have permission to create projects. By default everyone can create a project, set to "adminonly" such that only admin can create project. diff --git a/docs/swagger.yaml b/docs/swagger.yaml index 94f4cc70a..e06318577 100644 --- a/docs/swagger.yaml +++ b/docs/swagger.yaml @@ -2919,7 +2919,7 @@ definitions: description: The filter for LDAP binding. ldap_scope: type: integer - description: 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE + description: 0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE ldap_uid: type: string description: The attribute which is used as identity for the LDAP binding, such as "CN" or "SAMAccountname" diff --git a/make/harbor.cfg b/make/harbor.cfg index 96032547e..00555e6dd 100644 --- a/make/harbor.cfg +++ b/make/harbor.cfg @@ -89,8 +89,8 @@ ldap_basedn = ou=people,dc=mydomain,dc=com # The attribute used in a search to match a user, it could be uid, cn, email, sAMAccountName or other attributes depending on your LDAP/AD ldap_uid = uid -#the scope to search for users, 1-LDAP_SCOPE_BASE, 2-LDAP_SCOPE_ONELEVEL, 3-LDAP_SCOPE_SUBTREE -ldap_scope = 3 +#the scope to search for users, 0-LDAP_SCOPE_BASE, 1-LDAP_SCOPE_ONELEVEL, 2-LDAP_SCOPE_SUBTREE +ldap_scope = 2 #Timeout (in seconds) when connecting to an LDAP Server. The default value (and most reasonable) is 5 seconds. ldap_timeout = 5