author | Werner Koch <[email protected]> | 2020-12-21 14:07:32 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2020-12-21 16:24:41 +0000 |
commit | 261fb98c6f034f3f96abee79ea73febd115420ae (patch) | |
tree | f0c52dc3a9a5f20d74e36de6f9b13c412b5169e9 | |
parent | common: Fix the "ignore" meta command in argparse.c (diff) | |
doc: Explain LDAP keyserver parameters
-rw-r--r-- | doc/dirmngr.texi | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index ba4f1591e..843fdbf67 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -328,7 +328,26 @@ whether Tor is locally running or not. The check for a running Tor is done for each new connection. If no keyserver is explicitly configured, dirmngr will use the -built-in default of hkps://hkps.pool.sks-keyservers.net. +built-in default of @code{hkps://hkps.pool.sks-keyservers.net}. + +Windows users with a keyserver running on their Active Directory +should use @code{ldap:///} for @var{name} to access this directory. + +For accessing anonymous LDAP keyservers @var{name} is in general just +a @code{ldaps://ldap.example.com}. A BaseDN parameter should never be +specified. If authentication is required the value of @var{name} is +for example: + +@example + keyserver ldaps://ldap.example.com/????bindname=uid=USERNAME + %2Cou=GnuPG%20Users%2Cdc=example%2Cdc=com,password=PASSWORD +@end example + + Put this all on one line without any spaces and keep the '%2C' as given. + Replace USERNAME, PASSWORD, and the 'dc' parts according to the + instructions received from the LDAP administrator. Note that only + simple authentication (i.e. cleartext passwords) is supported and thus + using ldaps is strongly suggested. @item --nameserver @var{ipaddr} @opindex nameserver |
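Review bot: In the paragraph after @end example, "keep the '%2C' as given" covers the commas inside the bindname DN but says nothing about a USERNAME or PASSWORD that itself contains a comma, a space or a percent sign. Since the example separates bindname and password with a plain comma, the text should state how such characters have to be written (presumably percent-encoded, like the %2C and %20 already shown). The same paragraph warns about cleartext passwords on the wire but not that the keyserver line keeps PASSWORD in cleartext in the configuration file; a sentence asking for restrictive permissions on that file would fit next to the ldaps advice. Two smaller points: "A BaseDN parameter should never be specified" gives no reason, and '%2C', 'dc' and ldaps in the closing paragraph are not marked up with @code{} although this hunk adds @code{} to the hkps URL just above.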