GITBOOK-43: Update RBAC with LDAP

Author: Haarolean

SUMMARY.md

@@ -21,7 +21,7 @@
   * [Without Docker](development/building/without-docker.md)
 * [WIP: Testing](development/wip-testing.md)
 
-## 👷♂ Configuration
+## 👷♂ 👷♂ Configuration
 
 * [Quick Start](configuration/quick-start/README.md)
   * [via AWS Marketplace](configuration/quick-start/via-aws-marketplace.md)

configuration/authentication/ldap-active-directory.md

@@ -1,5 +1,20 @@
 # LDAP / Active Directory
 
-See this:
-
-[https://github.com/provectus/kafka-ui/blob/master/documentation/compose/auth-ldap.yaml](https://github.com/provectus/kafka-ui/blob/master/documentation/compose/auth-ldap.yaml)
+```
+auth:
+  type: LDAP
+spring:
+  ldap:
+    urls: ldap://localhost:10389
+    base: "cn={0},ou=people,dc=planetexpress,dc=com"
+    admin-user: "cn=admin,dc=planetexpress,dc=com"
+    admin-password: "GoodNewsEveryone"
+    user-filter-search-base: "dc=planetexpress,dc=com"
+    user-filter-search-filter: "(&(uid={0})(objectClass=inetOrgPerson))"
+    group-filter-search-base: "ou=people,dc=planetexpress,dc=com" # required for RBAC
+oauth2:
+  ldap:
+    activeDirectory: false
+    aсtiveDirectory:
+      domain: memelord.lol
+```

configuration/rbac-role-based-access-control.md

@@ -6,8 +6,7 @@ In this article we'll guide how to setup Kafka-UI with role-based access control
 
 ### Authentication methods
 
-First of all, you'd need to setup authentication method(s). Refer to [this](https://github.com/provectus/kafka-ui/wiki/OAuth-Configuration) article for OAuth2 setup.\
-LDAP: TBD
+First of all, you'd need to setup authentication method(s). Refer to [this](https://github.com/provectus/kafka-ui/wiki/OAuth-Configuration) article for OAuth2 setup.
 
 ### Config placement
 
@@ -138,11 +137,11 @@ rbac:
           type: group
           value: "memelords"
 
-        # LDAP NOT IMPLEMENTED YET
         - provider: ldap
           type: group
-          value: "ou=devs,dc=planetexpress,dc=com"
-        - provider: ldap_ad
+          value: "admin_staff"
+
+        - provider: ldap_ad # NOT YET SUPPORTED, SEE ISSUE 3741
           type: user
           value: "cn=germanosin,dc=planetexpress,dc=com"