diff -r e8855733b125 -r bae4d11a104b server/sources/ldapuser.py
--- a/server/sources/ldapuser.py	Mon Feb 21 10:31:18 2011 +0100
+++ b/server/sources/ldapuser.py	Tue Feb 22 21:30:32 2011 +0100
@@ -97,13 +97,13 @@
          {'type' : 'string',
           'default': '',
           'help': 'user dn to use to open data connection to the ldap (eg used \
-to respond to rql queries).',
+to respond to rql queries). Leave empty for anonymous bind',
           'group': 'ldap-source', 'level': 1,
           }),
         ('data-cnx-password',
          {'type' : 'string',
           'default': '',
-          'help': 'password to use to open data connection to the ldap (eg used to respond to rql queries).',
+          'help': 'password to use to open data connection to the ldap (eg used to respond to rql queries). Leave empty for anonymous bind.',
           'group': 'ldap-source', 'level': 1,
           }),
 
@@ -111,19 +111,19 @@
          {'type' : 'string',
           'default': 'ou=People,dc=logilab,dc=fr',
           'help': 'base DN to lookup for users',
-          'group': 'ldap-source', 'level': 0,
+          'group': 'ldap-source', 'level': 1,
           }),
         ('user-scope',
          {'type' : 'choice',
           'default': 'ONELEVEL',
           'choices': ('BASE', 'ONELEVEL', 'SUBTREE'),
-          'help': 'user search scope',
+          'help': 'user search scope (valid values: "BASE", "ONELEVEL", "SUBTREE")',
           'group': 'ldap-source', 'level': 1,
           }),
         ('user-classes',
          {'type' : 'csv',
           'default': ('top', 'posixAccount'),
-          'help': 'classes of user',
+          'help': 'classes of user (with Active Directory, you want to say "user" here)',
           'group': 'ldap-source', 'level': 1,
           }),
         ('user-filter',
@@ -135,7 +135,7 @@
         ('user-login-attr',
          {'type' : 'string',
           'default': 'uid',
-          'help': 'attribute used as login on authentication',
+          'help': 'attribute used as login on authentication (with Active Directory, you want to use "sAMAccountName" here)',
           'group': 'ldap-source', 'level': 1,
           }),
         ('user-default-group',
@@ -148,7 +148,7 @@
         ('user-attrs-map',
          {'type' : 'named',
           'default': {'uid': 'login', 'gecos': 'email'},
-          'help': 'map from ldap user attributes to cubicweb attributes',
+          'help': 'map from ldap user attributes to cubicweb attributes (with Active Directory, you want to use sAMAccountName:login,mail:email,givenName:firstname,sn:surname)',
           'group': 'ldap-source', 'level': 1,
           }),
 
@@ -282,7 +282,7 @@
             try:
                 self._connect()
             except:
-                self.exception('cant connect to ldap')
+                self.exception('unable to connect to ldap:')
         return ConnectionWrapper(self._conn)
 
     def authenticate(self, session, login, password=None, **kwargs):