diff --git a/README.md b/README.md
index 0da62b1..5d65794 100644
--- a/README.md
+++ b/README.md
@@ -29,9 +29,6 @@ Written by Nathan Coad (nathan.coad@dell.com)
 | LOG_FILE | Specify the name/path of file to write log messages to | /var/log/smt.log | ./smt.log | BIND_IP | Specify the local IP address to bind to. | 127.0.0.1 | Primary IPv4 address |
 | BIND_PORT | Specify the TCP/IP port to bind to. | 443 | 8443 |
-| LDAP_BIND_ADDRESS | If LDAP integration is needed, specify the LDAP Bind address. Only LDAPS on port 636 is supported. Do not specify port 636 in the bind address | dc.example.com | No default specified |
-| LDAP_BASE_DN | If LDAP integration is needed, specify the base DN to use when binding to AD | "CN=Users,DC=example,DC=com" | No default specified |
-| LDAP_TRUST_CERT_FILE | If LDAP integration is needed, specify filepath to PEM format public certificate of Certificate Authority signing LDAPS communications | caroot.pem | No default specified, must define this value |
 | TLS_KEY_FILE | Specify the filename of the TLS certificate private key (must be unencrypted) in PEM format | key.pem | privkey.pem |
 | TLS_CERT_FILE | Specify the filename of the TLS certificate file in PEM format | cert.pem | cert.pem |
 | TOKEN_HOUR_LIFESPAN | Number of hours that the JWT token returned at login is valid | 12 | No default specified, must define this value |
@@ -43,6 +40,18 @@ If the TLS certificate and key files cannot be located in the specified location
 Example for generating API_SECRET and SECRETS_KEY is the following command on linux: `head /dev/urandom | tr -dc A-Za-z0-9 | head -c32`
+### LDAP specific configuration
+
+Several environment variables are available to configure LDAP integration if required. If the LDAP_BIND_ADDRESS is specified, SMT will attempt to perform an LDAP search for the provided username if no matches to the locally configured users are found in the database.
+
+This lookup will utilise the sAMAccountName property of the user object in Active Directory. No other LDAP providers have been tested.
+
+|Environment Variable Name| Description | Example | Default |
+|--|--|--|--|
+| LDAP_BIND_ADDRESS | If LDAP integration is needed, specify the LDAP Bind address. Only LDAPS on port 636 is supported. Do not specify port 636 in the bind address | dc.example.com | No default specified |
+| LDAP_BASE_DN | If LDAP integration is needed, specify the base DN to use when binding to AD | "CN=Users,DC=example,DC=com" | No default specified |
+| LDAP_TRUST_CERT_FILE | If LDAP integration is needed, specify filepath to PEM format public certificate of Certificate Authority signing LDAPS communications | caroot.pem | No default specified, must define this value |
+
 ## Systemd script
 Create/update the systemd service definition at /etc/systemd/system/smt.service and then run systemctl daemon-reload
diff --git a/models/ldap.go b/models/ldap.go
index 9224588..22b82bf 100644
--- a/models/ldap.go
+++ b/models/ldap.go
@@ -240,7 +240,7 @@ func VerifyLdapCreds(username string, password string) bool {
 log.Printf("VerifyLdapCreds group search error : '%s'\n", err)
 return false
 }
-fmt.Printf("groups: %v\n", groups)
+log.Printf("groups: %v\n", groups)
 return true
 }
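Review bot: The new `log.Printf("groups: %v\n", groups)` in VerifyLdapCreds writes the full group membership of every LDAP-authenticated user to the persistent log on each login, and within this hunk the function returns true regardless of what the group search returned, so the list is fetched only to be printed. If group membership is meant to gate access, the check belongs here before `return true`; if it is not, the line should be removed or gated behind a debug setting rather than promoted from stdout to the log file. The trailing `\n` in the format string is also redundant, as log.Printf appends a newline when the message lacks one. VerifyLdapCreds starts before the hunk, so any earlier use of groups is not visible here.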
@@ -271,7 +271,7 @@ func GetGroupsOfUser(username string, baseDN string, conn *ldap.Conn) ([]string,
 nil,
 )
-fmt.Printf("searchRequest: %v\n", searchRequest)
+log.Printf("searchRequest: %v\n", searchRequest)
 sr, err := conn.Search(searchRequest)
 if err != nil {
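Review bot: `log.Printf("searchRequest: %v\n", searchRequest)` in GetGroupsOfUser now records the entire search request (base DN, filter, attributes) in the persistent log on every lookup, and the filter is presumably built from the caller-supplied username outside this hunk, so whatever was typed at login lands verbatim in the log file. That is noisy at best and, if the filter is assembled by string formatting, the username should already be passed through `ldap.EscapeFilter` where it is built; this line should then log at most `searchRequest.Filter` behind a debug setting rather than the whole struct unconditionally. GetGroupsOfUser begins before the hunk and the search-request construction is not visible here.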