</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term>ldap_user_dn = DN</term>
+ <listitem><para>
+ Defines the user DN to be used for authentication. If absent an
+ anonymous bind will be performed.
+ </para></listitem>
+ </varlistentry>
+
<varlistentry>
<term>ldap_url = ldap://server/</term>
<listitem><para>
</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term>ldap_user_dn = DN</term>
+ <listitem><para>
+ Defines the user DN to be used for authentication. If absent an
+ anonymous bind will be performed.
+ </para></listitem>
+ </varlistentry>
+
<varlistentry>
<term>ldap_url = ldap://server/</term>
<listitem><para>
</programlisting>
</refsect1>
+<refsynopsisdiv>
+ <title>NOTE</title>
+
+ <para>In order to use authentication against ldap servers you may
+ need to provide a DN and a password. To avoid exposing the password
+ in plain text in the configuration file we store it into a security
+ store. The "net idmap " command is used to store a secret
+ for the DN specified in a specific idmap domain.
+ </para>
+</refsynopsisdiv>
+
<refsect1>
<title>AUTHOR</title>
</refsect2>
+<refsect2>
+<title>IDMAP DUMP <output file></title>
+
+<para>
+Dumps the mappings in the specified output file.
+</para>
+
+</refsect2>
+
+<refsect2>
+<title>IDMAP RESTORE [input file]</title>
+
+<para>
+Restore the mappings from the specified file or stdin.
+</para>
+
+</refsect2>
+
+<refsect2>
+<title>IDMAP SECRET <DOMAIN>|ALLOC <secret></title>
+
+<para>
+Store a secret for the sepcified domain, used primarily for domains
+that use idmap_ldap as a backend. In this case the secret is used
+as the password for the user DN used to bind to the ldap server.
+</para>
+
+</refsect2>
+
<refsect2>
<title>USERSHARE</title>