diff --git a/doc/guide.html b/doc/guide.html
index 36857784f..d6a0525a4 100644
--- a/doc/guide.html
+++ b/doc/guide.html
@@ -1688,7 +1688,22 @@ default Filter value is: undefined. Example:
"(&(objectClass=shadowAccount)(memberOf=Jabber Users))". Please, do
not forget to close brackets and do not use superfluous whitespaces. Also you
must not use ldap_uidattr attribute in filter because this
-attribute will be substituted in LDAP filter automatically.
{ldap_local_filter, Filter}
+attribute will be substituted in LDAP filter automatically.
+{ldap_dn_filter, { Filter, FilterAttrs }}
+This filter is applied on the results returned by the main filter. This filter
+performs additional LDAP lookup to make the complete result. This is useful
+when you are unable to define all filter rules in ldap_filter. You
+can define "%u", "%d", "%s" and "%D" pattern
+variables in Filter: "%u" is replaced by a user’s part of a JID,
+"%d" is replaced by the corresponding domain (virtual host),
+all "%s" variables are consecutively replaced by values of FilterAttrs
+attributes and "%D" is replaced by Distinguished Name. By default
+ldap_dn_filter is undefined.
+Example:
+{ldap_dn_filter, {"(&(name=%s)(owner=%D)(user=%u@%d))", ["sn"]}}.
+
Since this filter makes additional LDAP lookups, use it only in the
+last resort: try to define all filter rules in ldap_filter if possible.
+{ldap_local_filter, Filter}
If you can’t use ldap_filter due to performance reasons
(the LDAP server has many users registered),
you can use this local filter.