diff --git a/doc/ldap.md b/doc/ldap.md
new file mode 100644
index 0000000..1e3c80c
--- /dev/null
+++ b/doc/ldap.md
@@ -0,0 +1,16 @@
+# LDAP (389 Directory Server).
+
+## Credentials 
+
+The admin account is `cn=Directory Manager` with the password stored in the
+encrypted data bag `admin_password` item
+
+```
+$ knife data bag show credentials dirsrv --secret-file .chef/encrypted_data_bag_secret
+```
+
+## Example search:
+
+```
+$ ldapsearch -x -w $password -D 'cn=Directory Manager' -b "ou=users,dc=kosmos,dc=org" -H "ldaps://ldap.kosmos.org" -v
+```