From 3cd0917ec3a8e8fd048869cbe6e8430b361c7d37 Mon Sep 17 00:00:00 2001
From: Hidde Wieringa <hidde@hiddewieringa.nl>
Date: Sun, 7 Oct 2018 15:08:58 +0200
Subject: [PATCH 1/2] IssuE #10336. Added docs for LDAP user provider with
 default (null) values

---
 security/ldap.rst | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/security/ldap.rst b/security/ldap.rst
index 64167b42f9a..ed9e382255d 100644
--- a/security/ldap.rst
+++ b/security/ldap.rst
@@ -257,19 +257,22 @@ and will not be considered as authenticated fully.
 uid_key
 .......
 
-**type**: ``string`` **default**: ``sAMAccountName``
+**type**: ``string`` **default**: ``null``
 
 This is the entry's key to use as its UID. Depends on your LDAP server
 implementation. Commonly used values are:
 
-* ``sAMAccountName``
+* ``sAMAccountName`` (default)
 * ``userPrincipalName``
 * ``uid``
 
+If you configure the value ``null`` for the UID key, the default UID key
+``sAMAccountName`` is used.
+
 filter
 ......
 
-**type**: ``string`` **default**: ``({uid_key}={username})``
+**type**: ``string`` **default**: ````
 
 This key lets you configure which LDAP query will be used. The ``{uid_key}``
 string will be replaced by the value of the ``uid_key`` configuration value
@@ -279,6 +282,9 @@ replaced by the username you are trying to load.
 For example, with a ``uid_key`` of ``uid``, and if you are trying to
 load the user ``fabpot``, the final string will be: ``(uid=fabpot)``.
 
+If you configure this key with the value ``null``, the default filter
+``({uid_key}={username})`` is used.
+
 Of course, the username will be escaped, in order to prevent `LDAP injection`_.
 
 The syntax for the ``filter`` key is defined by `RFC4515`_.

From 64e9baddcebd63ea837b1e9ef459add6ebe9473e Mon Sep 17 00:00:00 2001
From: Hidde Wieringa <hidde@hiddewieringa.nl>
Date: Sun, 7 Oct 2018 19:15:00 +0200
Subject: [PATCH 2/2] Fix empty code snippet

---
 security/ldap.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/ldap.rst b/security/ldap.rst
index ed9e382255d..f715ff6960c 100644
--- a/security/ldap.rst
+++ b/security/ldap.rst
@@ -272,7 +272,7 @@ If you configure the value ``null`` for the UID key, the default UID key
 filter
 ......
 
-**type**: ``string`` **default**: ````
+**type**: ``string`` **default**: ``null``
 
 This key lets you configure which LDAP query will be used. The ``{uid_key}``
 string will be replaced by the value of the ``uid_key`` configuration value