GITBOOK-817: LDAP setup update

Author: Faria1212

SUMMARY.md

@@ -249,7 +249,7 @@
     * [LDAP User Search](use-rocket.chat/authentication/ldap/ldap-user-search.md)
     * [LDAP Data Sync Settings](use-rocket.chat/authentication/ldap/ldap-data-sync-settings.md)
     * [LDAP Premium Settings](use-rocket.chat/authentication/ldap/ldap-premium-settings.md)
-    * [LDAP Setup](use-rocket.chat/authentication/ldap/ldap-setup.md)
+    * [LDAP Setup Example](use-rocket.chat/authentication/ldap/ldap-setup.md)
   * [SAML](use-rocket.chat/authentication/saml/README.md)
     * [SAML Configuration](use-rocket.chat/authentication/saml/saml-configuration.md)
     * [Active Directory Federation Services](use-rocket.chat/authentication/saml/active-directory-federation-services.md)

use-rocket.chat/authentication/ldap/ldap-setup.md

@@ -1,10 +1,10 @@
-# LDAP Setup
+# LDAP Setup Example
 
-After exploring the comprehensive LDAP settings in Rocket.Chat, it's beneficial to examine practical examples of these configurations. This requires an up and running LDAP server, which we'll guide you through how to setup (using Osixia OpenLDAP) in order to build a clearer understanding of how Rocket.Chat's LDAP settings can be applied in real-world scenarios.
+After exploring the comprehensive LDAP settings in Rocket.Chat, it's beneficial to examine practical examples of these configurations. This requires an up-and-running LDAP server, which we'll guide you through how to set up (using [Osixia OpenLDAP](https://github.com/osixia/docker-openldap)) in order to build a clearer understanding of how Rocket.Chat's LDAP settings can be applied in real-world scenarios.
 
-## Running a LDAP Server
+## Running an LDAP Server
 
-Rocket.Chat allows workspace owners to connect to OpenLDAP or Active Directory LDAP servers to authenticate or retrieve information. In this first step, we'll guide you through how to setup a LDAP server using Docker and OpenLDAP, which is an open source implementation of the LDAP protocol. For starters, navigate to your preferred directory and create a `docker-compose.yml` file with the following content:
+Rocket.Chat allows workspace owners to connect to OpenLDAP or Active Directory LDAP servers to authenticate or retrieve information. In this first step, we'll guide you through how to set up an LDAP server using Docker and OpenLDAP, which is an open-source implementation of the LDAP protocol. For starters, navigate to your preferred directory and create a `docker-compose.yml` file with the following content:
 
 ```yaml
 services:
@@ -27,51 +27,55 @@ services:
 
 Then, use `docker compose up` to start the container. This will locally deploy an **Osixia OpenLDAP** server running on port 389 (or 636 if the default one is unavailable).
 
-Also, for the next steps you'll need to download and install [Apache Directory Studio](https://directory.apache.org/studio/downloads.html) (ADS), but any LDAP data management tool (such as phpLDAPadmin) will do the job. After installing, open your LDAP management tool and create a new connection (in ADS, this can be achieved through the **Connections** section) using the following information:
+Also, for the next steps, you'll need to download and install [Apache Directory Studio](https://directory.apache.org/studio/downloads.html) (ADS), but any LDAP data management tool (such as phpLDAPadmin) will do the job. After installing, open your LDAP management tool and create a new connection (in ADS, this can be achieved through the **Connections** section) using the following information:
 
-* **Host name:** `localhost`;
-* **Port:** 389;
-* **Authentication method:** Simple authentication;
-* **Admin user's Bind DN:** `cn=admin,dc=rcldap,dc=com,dc=br`;
-* **Bind password:** admin;
+* **Host name:** `localhost`
+* **Port:** `389`
+* **Authentication method:** `Simple authentication`
+* **Admin user's Bind DN:** `cn=admin,dc=rcldap,dc=com,dc=br`
+* **Bind password:** `admin`
 
 Apache Directory Studio's authentication model should look as follows (click "Finish" to complete the connection's setup):
 
 ![ADS connection setup](../../../.gitbook/assets/ldap-apache-new-connection-auth.png)
 
-After succesfully connecting to the LDAP server through ADS, a LDAP tree structure containing an admin and the standard domain (`dc=rcldap,dc=com,dc=br`) should be displayed:
+After successfully connecting to the LDAP server through ADS, an LDAP tree structure containing an admin and the standard domain (`dc=rcldap,dc=com,dc=br`) should be displayed:
 
 ![LDAP Server tree structure result before full setup](../../../.gitbook/assets/ldap-apache-start.png)
 
 ADS is now ready to populate the LDAP server with groups and users that can connect to Rocket.Chat.
 
-## Adding organizational units, users and groups
+## Add organizational units, users, and groups
 
 For this example's use case, all users and organizational units will be added under the default domain already provided after setting up the LDAP server.
 
 {% hint style="info" %}
-You can refer to [Oracle LDAP Security Fundamentals Docs](https://docs.oracle.com/cd/E79533\_01/VSMGU/ldap001.htm) for more info about Users, Groups and Organizational Units in LDAP servers.
+Refer to [Oracle LDAP Security Fundamentals Docs](https://docs.oracle.com/cd/E79533\_01/VSMGU/ldap001.htm) for details about Users, Groups, and Organizational Units in LDAP servers.
 {% endhint %}
 
-After setting up all organizational units, groups and users as described in the next steps, your LDAP tree structure should look as follows:
+After setting up all organizational units, groups, and users as described in the next steps, your LDAP tree structure should look as follows:
 
 ![LDAP Server tree structure result after setup](../../../.gitbook/assets/ldap-result.png)
 
 ### Organizational units
 
-In order to add new organizational units within the default domain, right-click on its element (`dc=rcldap,dc=com,dc=br`) in the tree structure, then choose **New > New Entry** and follow the steps provided below (for this example, we'll need two organizational units created with the `organizationalUnit` object class: **Users** and **Groups**).
+To add new organizational units within the default domain, right-click on its element (`dc=rcldap,dc=com,dc=br`) in the tree structure, then choose **New > New Entry** and follow the steps provided in the screenshot below.
+
+Create two organizational units with the `organizationalUnit` object class: **Users** and **Groups**
 
 ![ADS steps for adding organizational units](../../../.gitbook/assets/ldap-ads-ou-steps.png)
 
 ### Users
 
-For this example, users must be added under the Users organizational unit. This can be achieved with a right-click on the `ou=Users` element in the tree structure, then choose **New > New Entry** and follow the steps provided below (use the `inetOrgPerson` object class).
+For this example, users must be added under the **Users** organizational unit. Right-click on the `ou=Users` element in the tree structure, then choose **New > New Entry** and follow the steps provided below (use the `inetOrgPerson` object class).
 
 ![ADS steps for adding users](../../../.gitbook/assets/ldap-ads-users-steps.png)
 
 ### Groups
 
-For this example, we'll only allow users that are members of a given LDAP group to log in to Rocket.Chat. In order to do that, add a new `RCUsers` group under the Groups organizational unit with a right-click on the `ou=Groups` element in the tree structure, then choose **New > New Entry** and follow the steps provided below (use the `groupOfNames` object class and browse to the user you just created in order to assign it to a `member` property of the group in the last step).
+For this example, we'll only allow users who are members of a given LDAP group to log in to Rocket.Chat. To do that, add a new `RCUsers` group under the **Groups** organizational unit with a right-click on the `ou=Groups` element in the tree structure, then select **New > New Entry** and follow the steps provided in the screenshot below.
+
+Use the `groupOfNames` object class and browse to the user you just created in order to assign it to a `member` property of the group in the last step.
 
 ![ADS steps for adding groups](../../../.gitbook/assets/ldap-ads-groups-steps.png)
 
@@ -81,31 +85,31 @@ More members can be added to the group later by adding new `member` attributes t
 
 Access **Workspace > Settings > LDAP > Connection**, enable LDAP and configure the settings as follows:
 
-* **Server Type:** `Other`;
-* **Host:** `localhost`;
-* **Port:** `389`.
+* **Server Type:** `Other`
+* **Host:** `localhost`
+* **Port:** `389`
 
-Save the changes and press the **"Test Connection"** button in the upper right side of the screen. A "LDAP Connection Succesful" toast message should be displayed.
+Save the changes and press the **"Test Connection"** button on the upper-right side of the screen. An "LDAP Connection Succesful" toast message should be displayed.
 
 ## Authentication
 
 Access **Workspace > Settings > LDAP > Connection > Authentication** and configure the settings as follows:
 
-* **User DN:** `cn=admin,dc=rcldap,dc=com,dc=br`;
-* **Password:** `admin`.
+* **User DN:** `cn=admin,dc=rcldap,dc=com,dc=br`
+* **Password:** `admin`
 
 ## Search Filter
 
 Access **Workspace > Settings > LDAP > User Search > Search Filter** and configure the settings as follows:
 
-* **Base DN:** `dc=rcldap,dc=com,dc=br`;
-* **Filter:** `(objectclass=inetOrgPerson)`;
-* **Scope:** `sub`;
-* **Search Field:** `uid`;
-* **Search Page Size:** `250`;
-* **Search Size Limit:** `1000`.
+* **Base DN:** `dc=rcldap,dc=com,dc=br`
+* **Filter:** `(objectclass=inetOrgPerson)`
+* **Scope:** `sub`
+* **Search Field:** `uid`
+* **Search Page Size:** `250`
+* **Search Size Limit:** `1000`
 
-After this step, you should be able to successfully search LDAP users in your workspace using the connection that has been setup. Try it with the "Test LDAP Search" button on the upper right side of the screen, specify an LDAP user's `uid` field and a successful toast message should be displayed.
+After this step, you should be able to successfully search LDAP users in your workspace using the connection that has been set up. Try it with the "Test LDAP Search" button on the upper right side of the screen. Specify an LDAP user's `uid` field, and a successful toast message should be displayed.
 
 ## Group Filter