diff --git a/README.md b/README.md
index af31cc8..5fab5cd 100644
--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ MIT. See "LICENSE" file.
 
 # `LdapAuth` Config Options
 
-[Use the source Luke](https://github.com/trentm/node-ldapauth/blob/master/lib/ldapauth.js#L25-45)
+[Use the source Luke](https://github.com/trentm/node-ldapauth/blob/master/lib/ldapauth.js#L25-53)
 
 
 # express/connect basicAuth example
diff --git a/lib/ldapauth.js b/lib/ldapauth.js
index ec199d5..63c5d1e 100644
--- a/lib/ldapauth.js
+++ b/lib/ldapauth.js
@@ -41,6 +41,14 @@ var format = require('util').format;
  *        this will add TRACE-level logging for ldapjs (quite verbose).
  *    cache {Boolean} Optional, default false. If true, then up to 100
  *        credentials at a time will be cached for 5 minutes.
+ *    timeout {Integer} Optional, default Infinity. How long the client should
+ *        let operations live for before timing out.
+ *    connectTimeout {Integer} Optional, default is up to the OS. How long the
+ *        client should wait before timing out on TCP connections.
+ *    tlsOptions {Object} Additional options passed to the TLS connection layer
+ *        when connecting via ldaps://. See
+ *        http://nodejs.org/api/tls.html#tls_tls_connect_options_callback
+ *        for available options
  */
 function LdapAuth(opts) {
   this.opts = opts;
@@ -60,6 +68,15 @@ function LdapAuth(opts) {
   if (opts.log4js && opts.verbose) {
     clientOpts.log4js = opts.log4js;
   }
+  if (opts.timeout) {
+    clientOpts.timeout = opts.timeout;
+  }
+  if (opts.connectTimeout) {
+    clientOpts.connectTimeout = opts.connectTimeout;
+  }
+  if (opts.tlsOptions) {
+    clientOpts.tlsOptions = opts.tlsOptions;
+  }
   this._adminClient = ldap.createClient(clientOpts);
   this._adminBound = false;
   this._userClient = ldap.createClient(clientOpts);