From 76a0c881ae2fc953f2258eae9c1651bf1a12f6db Mon Sep 17 00:00:00 2001
From: Daniel Pan <freeplant@gmail.com>
Date: Thu, 17 Oct 2024 10:58:24 +0800
Subject: [PATCH] Update ldap_in_11.0.md

---
 manual/deploy_pro/ldap_in_11.0.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/manual/deploy_pro/ldap_in_11.0.md b/manual/deploy_pro/ldap_in_11.0.md
index 20d396eb..f5fda578 100644
--- a/manual/deploy_pro/ldap_in_11.0.md
+++ b/manual/deploy_pro/ldap_in_11.0.md
@@ -424,12 +424,14 @@ DEL_DEPARTMENT_IF_NOT_FOUND = False      # Set to "true", sync process will dele
 
 ### SSO and LDAP users use the same uid
 
-If you use both ldap and SSO (enable LDAP user sync with ADFS/OAuth), and the uids of ldap and sso users are the same, you can configure `SSO_LDAP_USE_SAME_UID = True` to make different authentication methods point to the same Seafile user.
+If you sync users from LDAP to Seafile, when the user login via SSO (ADFS or OAuth), you want Seafile to find the existing account for this user instead of creating a new one, you can set `SSO_LDAP_USE_SAME_UID = True`:
 
 ```python
 SSO_LDAP_USE_SAME_UID = True
 ```
 
+Note, here the UID means the unique user ID, in LDAP it is the attribute you use for `LDAP_LOGIN_ATTR`, in ADFS it is `uid` attribute. You need make sure you use the same attribute for the two settings.
+
 ## Importing Roles from LDAP
 
 Seafile Pro Edition supports syncing roles from LDAP or Active Directory.