diff --git a/docs/system-admin-guide/authentication/kerberos/README.md b/docs/system-admin-guide/authentication/kerberos/README.md index 10fd1cb69cda..a9a5e50279e7 100644 --- a/docs/system-admin-guide/authentication/kerberos/README.md +++ b/docs/system-admin-guide/authentication/kerberos/README.md @@ -12,7 +12,8 @@ keywords: Kerberos, authentication > [!NOTE] > This documentation is valid for the OpenProject Enterprise edition only. -> [Kerberos](https://web.mit.edu/kerberos/) allows you to authenticate user requests to a service within a computer network. You can integrate it with OpenProject with the use of [GSSAPI Apache module](https://github.com/gssapi/mod_auth_gssapi/) (`mod_auth_gssapi`) plugging into the OpenProject packaged installation using Apache web server. + +[Kerberos](https://web.mit.edu/kerberos/) allows you to authenticate user requests to a service within a computer network. You can integrate it with OpenProject with the use of [GSSAPI Apache module](https://github.com/gssapi/mod_auth_gssapi/) (`mod_auth_gssapi`) plugging into the OpenProject packaged installation using Apache web server. This guide will also apply for Docker-based installation, if you have an outer proxying server such as Apache2 that you can configure to use Kerberos. This guide however focuses on the packaged installation of OpenProject. diff --git a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md index dc40bea4a4ae..717f179cd6c1 100644 --- a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md +++ b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/README.md @@ -39,7 +39,7 @@ Instead of manually synchronizing groups from a given DN, you can also create fi When the synchronization task is executed, the filter is being queried against the LDAP and resulting group objects will be created as synchronized groups *and* as OpenProject groups. -![LDAP synchronized filter form](ldap-groups-filter.png) +![LDAP synchronized filter form in OpenProject administration](openproject_system_guide_add_ldap_filter.png) ### Create a synchronized filter @@ -54,7 +54,8 @@ To create a new synchronized filter, use the button on the top right of the inde Click on *Create* to finish the creation of the synchronized filter. This filter is being executed hourly as part of the background job before the actual group synchronization runs. -**Note:** If you manually create a synchronized group that is also found by a filter, its properties (such as the *Sync users* setting) is being overridden by the filter setting. +> [!NOTE] +> If you manually create a synchronized group that is also found by a filter, its properties (such as the *Sync users* setting) is being overridden by the filter setting. ## Configure synchronized LDAP groups @@ -64,7 +65,7 @@ In order to get to the LDAP group sync administration pane, expand the LDAP auth In order for the LDAP groups plugin to locate your group entries, you first need to set the *group key* to **cn** (the identifying attribute of the group entries) and *group base* to **ou=groups,ou=example,ou=com** as shown in the following screenshot. -![LDAP group synchronization settings](ldap-group-form.png) +![LDAP group synchronization settings in OpenProject administration](openproject_system_guide_add_ldap_group.png) ### Create a synchronized group diff --git a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_filter.png b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_filter.png new file mode 100644 index 000000000000..7d46fe3fae45 Binary files /dev/null and b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_filter.png differ diff --git a/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_group.png b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_group.png new file mode 100644 index 000000000000..49d4038fcfe0 Binary files /dev/null and b/docs/system-admin-guide/authentication/ldap-connections/ldap-group-synchronization/openproject_system_guide_add_ldap_group.png differ diff --git a/docs/system-admin-guide/authentication/saml/README.md b/docs/system-admin-guide/authentication/saml/README.md index f396d9bb592c..005c4a952cfd 100644 --- a/docs/system-admin-guide/authentication/saml/README.md +++ b/docs/system-admin-guide/authentication/saml/README.md @@ -15,8 +15,8 @@ You can integrate your active directory or other SAML compliant identity provide ## Enterprise cloud For the moment in the Enterprise cloud OpenProject DevOps team has to apply the configuration for you. The configuration has to be provided in a support ticket, e.g. as an ENV environment file. -Experience shows that configuring this can be tricky, though. So it may take a bit until the correct configuration is finished with your SAML provider. -If you have the chance to test the SAML configuration on an Enterprise on-premises installation this might speed things up. But we can make it work either way. +Experience shows that configuring this can be tricky. So it may require some time until the correct configuration is finished with your SAML provider. +If you have the chance to test the SAML configuration on an Enterprise on-premises installation this might speed up the process. But we can make it work either way. ## Enterprise on-premises