From 33d8a0db7828aec928543a4ed81c15790765dc53 Mon Sep 17 00:00:00 2001
From: Steven Armstrong <steven-github@armstrong.cc>
Date: Mon, 3 Jun 2019 13:40:52 +0200
Subject: [PATCH] M #: document new :group_base ldap config (#638)

implemented in OpenNebula/one#3379

Signed-off-by: Steven Armstrong <steven.armstrong@id.ethz.ch>
---
 source/deployment/authentication_setup/ldap.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/source/deployment/authentication_setup/ldap.rst b/source/deployment/authentication_setup/ldap.rst
index 081762244..25c1a381c 100644
--- a/source/deployment/authentication_setup/ldap.rst
+++ b/source/deployment/authentication_setup/ldap.rst
@@ -43,6 +43,9 @@ Configuration file for auth module is located at ``/etc/one/auth/ldap_auth.conf`
         # base hierarchy where to search for users and groups
         :base: 'dc=domain'
      
+        # alternative base hierarchy where to search for groups instead of :base:
+        #:group_base: 'ou=groups,dc=domain'
+
         # group the users need to belong to. If not set any user will do
         #:group: 'cn=cloud,ou=groups,dc=domain'
      
@@ -144,6 +147,9 @@ The structure is a hash where any key different to ``:order`` will contain the c
 +-----------------------+-------------------------------------------------+
 | ``:base``             | Base leaf where to perform user searches        |
 +-----------------------+-------------------------------------------------+
+| ``:group_base``       | Alternative base leaf where to perform group    |
+|                       | searches instead of in :base                    |
++-----------------------+-------------------------------------------------+
 | ``:group``            | If set the users need to belong to this group   |
 +-----------------------+-------------------------------------------------+
 | ``:user_field``       | Field in LDAP that holds the user name          |