Adjust idm docs after it's now running by default

docs/extensions/idm/_index.md

@@ -10,6 +10,19 @@ geekdocCollapseSection: true
 
 ## Abstract
 
+The IDM service provides a minimal LDAP Service (based on https://github.com/libregraph/idm) for oCIS. It is started as part of
+the default configuration and serves as a central place for storing user and group informationn.
+
+It is mainly targeted at small oCIS installations. For larger setups it is recommended to replace IDM with a "real" LDAP server
+or to switch to an external Identity Management Solution.
+
+IDM listens on port 9325 by default. In the default configuration it only accepts TLS protected connections (LDAPS). The BaseDN
+of the LDAP tree is `o=libregraph-idm`. IDM gives LDAP write permissions to a single user 
+(DN: `uid=libregraph,ou=sysusers,o=libregraph-idm`) any other authenticated user has read-only access.
+
+Note: IDM is limited in its functionality. It only supports a subset of the LDAP operations (namely BIND, SEARCH, ADD, MODIFY, DELETE).
+Also IDM currently does not do any Schema Verification (e.g. structural vs. auxillary Objectclasses, require and option Attributes,
+Syntax Checks, ...). So it's not meant as a general purpose LDAP server.
 
 ## Table of Contents
 

docs/ocis/getting-started/demo-users.md

@@ -11,7 +11,7 @@ oCIS has the option to create demo users during the first startup. These enable
 
 {{< hint info >}}
 To create the demo users, run the initial setup step with an additional environment variable.
-`ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively.
+`IDM_CREATE_DEMO_USERS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively.
 {{< /hint >}}
 
 Following users are available in the demo set: