Commit 7c80805

defguard-community authored and gitbook-bot committed
GITBOOK-417: change request with no subject merged in GitBook
1 parent 8f5ec97 commit 7c80805

3 files changed

+11
-3
lines changed

enterprise/all-enteprise-features/ldap-and-active-directory-integration/configuration.md

Lines changed: 5 additions & 3 deletions
@@ -8,7 +8,7 @@ description: How to configure connection between Defguard instance and LDAP.
88
Active Directory support is available in Defguard ≥ v1.3.0
99
{% endhint %}
1010

11-
{% hint style="danger" %}
11+
{% hint style="warning" %}
1212
If you are using the integration across multiple nested organizational units, please read the [#multiple-nested-ous](configuration.md#multiple-nested-ous "mention") section.
1313
{% endhint %}
1414
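Review bot: The hint on new line 12 still addresses everyone who uses nested organizational units, although the section it links to now states that they are supported in Defguard 1.4.0 and above. Changing the style from danger to warning does not tell readers on 1.4.0 or later that the caveat no longer applies to them. Consider scoping the sentence to the affected versions, e.g. "If you are running a Defguard version older than 1.4.0 and using the integration across multiple nested organizational units, please read the ... section."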

@@ -66,7 +66,9 @@ This is an example configuration for an OpenLDAP server integrated with Samba (h
6666

6767
### Multiple nested OUs
6868

69-
Using the integration with multiple nested organizational units may currently lead to some unexpected behavior. The following issues are known to occur:
69+
Multiple nested organizational units are supported in Defguard 1.4.0 and above.
70+
71+
If you are using an older version of Defguard, using the integration with multiple nested organizational units may currently lead to some unexpected behavior. The following issues are known to occur:
7072

7173
* If you have duplicate user RDNs across multiple OUs a database error may occur: `Duplicate key violates unique constraint 'unique_ldap_rdn'` , causing issues with two way synchronization. This would happen in the following scenario:
7274
* `CN=user1,OU=ou1,OU=ou,DC=example`
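Review bot: The added line 71 says "an older version of Defguard" and keeps "may currently lead to", which is vague and stale next to the explicit 1.4.0 statement added on line 69. State the boundary directly, e.g. "In Defguard versions older than 1.4.0, the integration with multiple nested organizational units may lead to unexpected behavior", which also removes the repeated "using". An administrator deciding whether the duplicate-RDN failure listed below applies to their deployment should not have to infer the version from the previous sentence.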
@@ -78,5 +80,5 @@ Using the integration with multiple nested organizational units may currently le
7880

7981
In this example, the user's DN has deeper nesting than the search base, preventing matching them during the group members lookup.
8082

81-
To fix this problem, you should limit the search base to one organizational unit only, if possible. Otherwise we are working on a solution, the status can be tracked in the following issue: [https://github.com/DefGuard/defguard/issues/1242](https://github.com/DefGuard/defguard/issues/1242).
83+
To fix this problem, you should limit the search base to one organizational unit only, if possible.
8284
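Review bot: The rewritten line 83 keeps "if possible" but drops the "Otherwise" clause, so a reader on an older version who cannot restrict the search base to a single organizational unit is left without a next step. Since this file now states that nested OUs are supported in Defguard 1.4.0 and above, name the upgrade as the alternative, e.g. "..., if possible, or upgrade to Defguard 1.4.0 or later."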

enterprise/all-enteprise-features/ldap-and-active-directory-integration/settings-table.md

Lines changed: 4 additions & 0 deletions
@@ -4,6 +4,10 @@ description: List with description of settings for LDAP found in settings page.
44

55
# Settings table
66

7+
{% hint style="warning" %}
8+
Ensure that the letter casing in your Defguard settings matches exactly with your LDAP configuration. For instance, if your LDAP uses 'CN', be sure to enter it as 'CN' in the settings, not 'cn'.
9+
{% endhint %}
10+
711
| Field | Description | Default |
812
| ------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------- |
913
| URL | URL that points to your LDAP server. | Empty |
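Review bot: The new hint on lines 7-9 does not say which fields in the table below are case-sensitive or what a casing mismatch looks like in practice, so an administrator cannot tell which values to check when the integration misbehaves. Name the affected settings and the observable symptom. The quoted values would also read better as inline code (`CN`, `cn`), matching the backtick style these docs already use for literal values such as `defguard-sync`.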

enterprise/all-enteprise-features/ldap-and-active-directory-integration/two-way-ldap-and-active-directory-synchronization.md

Lines changed: 2 additions & 0 deletions
@@ -63,6 +63,8 @@ If you want to synchronize only selected users, you can specify the groups of wh
6363

6464
This can be useful if you have a lot of users in your LDAP server and want to synchronize/pull only users belonging to a given group, e.g. `defguard-sync`.
6565

66+
Another use case would be if you want to have some Defguard users that you don't want to synchronize with LDAP. If those users are not members of the synchronization groups, they won't be touched (and deleted) by the integration.
67+
6668
This setting is described in more depth in [settings-table.md](settings-table.md "mention") and affects both LDAP → Defguard and Defguard → LDAP synchronizations.
6769

6870
After specifying synchronization groups, only members of those groups will be kept in sync.
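Review bot: In the added line 66, "they won't be touched (and deleted) by the integration" can be read as saying these users will be deleted, which is the opposite of what the sentence intends. For accounts that are deliberately kept outside LDAP this ambiguity matters; write "they won't be modified or deleted by the integration". The first sentence could also be tightened to "Another use case is keeping some Defguard users out of LDAP synchronization."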
