From 7fcf47366253a394488d2d0526188156b71bd53a Mon Sep 17 00:00:00 2001
From: Peter Bieringer <pb@bieringer.de>
Date: Tue, 25 Mar 2025 07:11:36 +0100
Subject: [PATCH] ldap_ignore_attribute_create_modify_timestamp changelog +
 cosmetics in description

---
 CHANGELOG.md     | 1 +
 DOCUMENTATION.md | 4 ++--
 config           | 4 ++--
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 04ce27a5..03557c50 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 ## 3.5.1.dev
 
 * Fix: auth/htpasswd related to detection and use of bcrypt
+* Add: option [auth] ldap_ignore_attribute_create_modify_timestamp for support of Authentik LDAP server
 
 ## 3.5.0
 
diff --git a/DOCUMENTATION.md b/DOCUMENTATION.md
index 16b4518b..838625c2 100644
--- a/DOCUMENTATION.md
+++ b/DOCUMENTATION.md
@@ -1065,8 +1065,8 @@ Default:
 _(>= 3.5.1)_
 
 Add modifyTimestamp and createTimestamp to the exclusion list of internal ldap3 client
-so that these schema attributes are not checked. This is needed for Authentik since
-Authentik does not provide these both attributes.
+so that these schema attributes are not checked. This is needed at least for Authentik
+LDAP server as not providing these both attributes.
 
 Default: false
 
diff --git a/config b/config
index 273763de..6b409c72 100644
--- a/config
+++ b/config
@@ -74,8 +74,8 @@
 ## Expiration time of caching failed logins in seconds
 #cache_failed_logins_expiry = 90
 
-# Ignore modifyTimestamp and createTimestamp attributes. Needed if Authentik LDAP server is used. Uncomment then.
-#ldap_ignore_attribute_create_modify_timestamp = true  
+# Ignore modifyTimestamp and createTimestamp attributes. Required e.g. for Authentik LDAP server
+#ldap_ignore_attribute_create_modify_timestamp = false
 
 # URI to the LDAP server
 #ldap_uri = ldap://localhost