From d5845872bc8a58c4b6674ddfe909030a768df936 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 23 Aug 2016 15:50:52 +0800 Subject: [PATCH] layout correction --- admin_manual/configuration_user/user_auth_ldap.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/admin_manual/configuration_user/user_auth_ldap.rst b/admin_manual/configuration_user/user_auth_ldap.rst index e45e7ef39..bda8f8df7 100644 --- a/admin_manual/configuration_user/user_auth_ldap.rst +++ b/admin_manual/configuration_user/user_auth_ldap.rst @@ -385,15 +385,15 @@ Enable LDAP password changes per user: * General requirements: | - Access control policies must be configured on the LDAP server to grant permissions for password changes. - | + | | - Passwords are sent in plaintext to the LDAP server. Therefore, transport encryption must be used for the communication between Nextcloud and the LDAP server, e.g. employ LDAPS. - | + | | - Enabling password hashing on the LDAP server is highly recommended. While Active Directory stores passwords in a one-way format by default, OpenLDAP users could configure the ``ppolicy_hash_cleartext`` directive of the ppolicy overlay that ships with OpenLDAP. * Additional requirements for Active Directory: | - At least a 128-bit transport encryption must be used for the communication between Nextcloud and the LDAP server - | + | | - Make sure that the ``fUserPwdSupport`` char of the dSHeuristics is configured to employ the ``userPassword`` attribute as ``unicodePwd`` alias. While this is set accordingly on AD LDS by default, this is not the case on AD DS.