From 518d894772436a83adb54546ba6a7cdd51705a70 Mon Sep 17 00:00:00 2001
From: Marco Dickert <github@misterunknown.de>
Date: Thu, 5 Dec 2019 12:01:50 +0100
Subject: [PATCH] Adding new ldap filter feature and example

---
 Authentication.md | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/Authentication.md b/Authentication.md
index d42faec..e1ac7c0 100644
--- a/Authentication.md
+++ b/Authentication.md
@@ -17,6 +17,12 @@ Currently there are three supported authentication sources:
 * The file should be a valid htpasswd file. It can be generated using the [htpasswd](https://httpd.apache.org/docs/current/programs/htpasswd.html) utility.
 
 ### ldap
-* syntax: `ldap;<SERVER>;<ROOTDN>`
+* syntax: `ldap;<SERVER>;<ROOTDN>[;<FILTER>]`
 * `<SERVER>` has to be the ip or name of the server. You can optional specify the port separated with a colon.
-* `<ROOTDN>` specifies the rootdn. The IFM prepends "uid=" and the entered username.
\ No newline at end of file
+* `<ROOTDN>` specifies the rootdn. The IFM prepends "uid=" and the entered username.
+* `<FILTER>` is optional and specifies a common ldap filter string, which can for example be used to specify a group or something
+
+full ldap example:
+```
+ldap;cn=accounts,dc=company,dc=com;(&(!(nsAccountLock=TRUE))(memberOf=cn=web_editors,cn=groups,cn=accounts,dc=example,dc=com))
+```
\ No newline at end of file