Merge pull request #4042 from stonezdj/ldap_doc_3962

Document update for LDAP/OVA
2018-01-22 15:45:37 +08:00 · 2018-01-22 15:45:37 +08:00 · d18517c910
parent dd546a222d 72180e4d44
commit d18517c910
3 changed files with 7 additions and 5 deletions
--- a/docs/img/ldap_auth.png
+++ b/docs/img/ldap_auth.png
--- a/docs/install_guide_ova.md
+++ b/docs/install_guide_ova.md
@ -108,4 +108,6 @@

    If everything worked properly, you should see the administration console. Refer to **[Harbor User Guide](user_guide.md)** for how to use Harbor.

-    ![Screenshot of after login](img/ovainstall/afterlogin.png)
+    ![Screenshot of after login](img/ovainstall/afterlogin.png)
+
+Please run "tdnf distro-sync" command from time to time to keep the OS up to date.
--- a/docs/user_guide.md
+++ b/docs/user_guide.md
@ -59,9 +59,9 @@ Harbor supports two authentication modes:

 	Under this authentication mode, users whose credentials are stored in an external LDAP or AD server can log in to Harbor directly.  
 	
-	When an LDAP/AD user logs in by *username* and *password*, Harbor binds to the LDAP/AD server with the **"LDAP Search DN"** and **"LDAP Search Password"** described in [installation guide](installation_guide.md). If it succeeded, Harbor looks up the user under the LDAP entry **"LDAP Base DN"** including substree. The attribute (such as uid, cn) specified by **"LDAP UID"** is used to match a user with the *username*. If a match is found, the user's *password* is verified by a bind request to the LDAP/AD server.  
+	When an LDAP/AD user logs in by *username* and *password*, Harbor binds to the LDAP/AD server with the **"LDAP Search DN"** and **"LDAP Search Password"** described in [installation guide](installation_guide.md). If it succeeded, Harbor looks up the user under the LDAP entry **"LDAP Base DN"** including substree. The attribute (such as uid, cn) specified by **"LDAP UID"** is used to match a user with the *username*. If a match is found, the user's *password* is verified by a bind request to the LDAP/AD server. Uncheck **"LDAP Verify Cert"** if the LDAP/AD server uses a self-signed or an untrusted certificate.
 	
-	Self-registration, changing password and resetting password are not supported under LDAP/AD authentication mode because the users are managed by LDAP or AD.  
+	Self-registration, deleting user, changing password and resetting password are not supported under LDAP/AD authentication mode because the users are managed by LDAP or AD.  

 ## Managing projects
 A project in Harbor contains all repositories of an application. No images can be pushed to Harbor before the project is created. RBAC is applied to a project. There are two types of projects in Harbor:  
@ -97,7 +97,7 @@ Project properties can be changed by clicking "Configuration".

 ## Managing members of a project  
 ### Adding members  
-You can add members with different roles to an existing project.  
+You can add members with different roles to an existing project. You can add a LDAP/AD user to project members under LDAP/AD authentication mode. 

 ![browse project](img/new_add_member.png)

@ -134,7 +134,7 @@ Entering a keyword in the search field at the top lists all matching projects an

 ## Administrator options  
 ### Managing user  
-Administrator can add "Administrator" role to an ordinary user by click button on the left and select "Set as Administrator". To delete a user, select "Delete". 
+Administrator can add "Administrator" role to an ordinary user by click button on the left and select "Set as Administrator". To delete a user, select "Delete". Deleting user is only supported under database authentication mode.

 ![browse project](img/new_set_admin_remove_user.png)