update link qemu documentation non web.archive

[pve-docs.git] / pveum.adoc

diff --git a/pveum.adoc b/pveum.adoc
index 00575648ae3549eed830c641943ce32892fe3711..b5eea290efa3778e19513a0413d63bab483b937d 100644 (file)
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -163,6 +163,12 @@ configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
 password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
 (e.g. `/etc/pve/priv/ldap/my-ldap.pw`). This file should contain a
 single line containing the raw password.
++
+To verify certificates, you need to to set `capath`. You can set it either
+directly to the CA certificate of your LDAP server, or to the system path
+containing all trusted CA certificates (`/etc/ssl/certs`).
+Additionally, you need to set the `verify` option, which can also be doen over
+the web interface.
 
 Microsoft Active Directory::
 
@@ -174,6 +180,8 @@ encryption can be configured.
 Syncing LDAP-based realms
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
+[thumbnail="screenshot/gui-datacenter-realm-add-ldap.png"]
+
 It is possible to sync users and groups for LDAP based realms. You can use the
 CLI command
 
@@ -201,6 +209,8 @@ groups.
 Options
 ^^^^^^^
 
+[thumbnail="screenshot/gui-datacenter-realm-add-ldap-sync-options.png"]
+
 The main options for syncing are:
 
 * `dry-run`: No data is written to the config. This is useful if you want to
@@ -275,7 +285,7 @@ password into the user's 'Key IDs' field.
 Please refer to the https://developers.yubico.com/OTP/[YubiKey OTP]
 documentation for how to use the
 https://www.yubico.com/products/services-software/yubicloud/[YubiCloud] or
-https://developers.yubico.com/Software_Projects/YubiKey_OTP/YubiCloud_Validation_Servers/[host
+https://developers.yubico.com/Software_Projects/Yubico_OTP/YubiCloud_Validation_Servers/[host
 your own verification server].
 
 [[pveum_user_configured_totp]]