Normation · jooooooon · Jun 9, 2014 · Jun 9, 2014 · jooooooon · Jun 9, 2014
diff --git a/20_usage/10_web_interface.txt b/20_usage/10_web_interface.txt
@@ -1,14 +1,7 @@
 === Authentication
 
 When accessing the Rudder web interface, a login / password is required.  The
-default accounts are:
-
-|====
-|*Login*  | *Password* | *Privilege level*
-|jon.doe  | secret     | Administrator
-|alex.bar | secret2    | Read-only
-|bob.foo  | secret3    | User and validator (workflows)
-|====
+default account is "admin" (Password: admin).
 
 You can change the user accounts by following the <<user-management, User management>>
 procedure.

diff --git a/23_administration/80_user_management.txt b/23_administration/80_user_management.txt
@@ -94,22 +94,11 @@ only see a reduced version of Rudder homepage, with no action nor tabs available
 
 
 The credentials of a user are defined in the XML file
-+/opt/rudder/etc/rudder-users.xml+. This file expects the following format:
++/opt/rudder/etc/rudder-users.xml+. It expects the same format as regular file-based
+user login, but in this case "name" will be the login used to connect to LDAP and the
+'password' field will be ignored and should be set to "LDAP" to make it clear that
+this Rudder installation uses LDAP to log users in.
 
-----
-
-<authentication>
-  <user name="alice" password="LDAP" role="administrator"/>
-  <user name="bob"   password="LDAP" role="administration_only, node_read"/>
-  <user name="carol" password="LDAP" role="node_read,node_write,configuration_read,rule_read,rule_edit,directive_read,technique_read"
-</authentication>
-
-----
-
-Where 'name' is the login used in Rudder to find the user. 
-When LDAP authentication is enabled, the 'password' field is ignored and by convention, 
-it is set to 'LDAP' value (so that there is an insight about the authentication used).
-
 
 Every modification of this file should be followed by a restart of the Rudder
 web application to be taken into account:
@@ -132,28 +121,36 @@ credential provided by the user.
 
 
 So next, you have to set-up the connection parameters to the LDAP directory to use. 
-There is three properties to change:
+There are five properties to change:
 
 - rudder.auth.ldap.connection.url
 - rudder.auth.ldap.connection.bind.dn
 - rudder.auth.ldap.connection.bind.password
+- rudder.auth.ldap.searchbase
+- rudder.auth.ldap.filter
+
+The search base and filter are used to find the user. The search base may be left empty, and
+in the filter, {0} will be replaced by the value provided as user login.
+
+Here are some usage examples,
 
+on standard LDAP:
+
+----
 
-#
-# Search base and filter to use to find the user. 
-# The search base can be left empty. 
-# In the filter, {0} denotes the value provided as
-# login by the user. 
-#
 rudder.auth.ldap.searchbase=ou=People
 rudder.auth.ldap.filter=(&(uid={0})(objectclass=person))
 
-#
-# An AD example would be:
-# 
-#rudder.auth.ldap.searchbase=
-#rudder.auth.ldap.filter=(&(sAMAccountName={0})(objectclass=user))
+----
+
+on Active Directory:
 
+----
+
+rudder.auth.ldap.searchbase=
+rudder.auth.ldap.filter=(&(sAMAccountName={0})(objectclass=user))
+
+----
 
 
 ==== Authorization management

diff --git a/getting-started/getting-started.txt b/getting-started/getting-started.txt
@@ -142,7 +142,7 @@ creating a file on the system
 
 With your web browser, go to the Login page of the Rudder Server - in this case
 http://rudder-server. You'll arrive on the login page. The default credentials
-are : jon.doe / secret
+are : admin / admin
 
 .Login page
 image::http://www.rudder-project.org/images/getting-started/login.png[]

diff --git a/rudder-doc.conf b/rudder-doc.conf
@@ -20,6 +20,7 @@ emphasizedwords="Java"
 emphasizedwords="\bLDAP\b"
 emphasizedwords="Lenny"
 emphasizedwords="Microsoft\sWindows"
+emphasizedwords="Active\sDirectory"
 emphasizedwords="Node(\s+Configuration|\s+Group)?s?"
 emphasizedwords="Normation"
 emphasizedwords="\bNova\b"