Add config changes for mutliple LDAP support (EE only)
This commit is contained in:
parent
a7e071e982
commit
3cd5abf635
|
@ -134,44 +134,66 @@ production: &base
|
|||
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
|
||||
ldap:
|
||||
enabled: false
|
||||
host: '_your_ldap_server'
|
||||
port: 636
|
||||
uid: 'sAMAccountName'
|
||||
method: 'ssl' # "tls" or "ssl" or "plain"
|
||||
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
||||
password: '_the_password_of_the_bind_user'
|
||||
servers:
|
||||
-
|
||||
## provider_id
|
||||
#
|
||||
# This identifier is used by GitLab to keep track of which LDAP server each
|
||||
# GitLab user belongs to. Each LDAP server known to GitLab should have a unique
|
||||
# provider_id. This identifier cannot be changed once users from the LDAP server
|
||||
# have started logging in to GitLab.
|
||||
#
|
||||
# Format: one word, using a-z (lower case) and 0-9
|
||||
# Example: 'paris' or 'uswest2'
|
||||
|
||||
# This setting specifies if LDAP server is Active Directory LDAP server.
|
||||
# For non AD servers it skips the AD specific queries.
|
||||
# If your LDAP server is not AD, set this to false.
|
||||
active_directory: true
|
||||
provider_id: main
|
||||
|
||||
# If allow_username_or_email_login is enabled, GitLab will ignore everything
|
||||
# after the first '@' in the LDAP username submitted by the user on login.
|
||||
#
|
||||
# Example:
|
||||
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
|
||||
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
|
||||
#
|
||||
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
|
||||
# disable this setting, because the userPrincipalName contains an '@'.
|
||||
allow_username_or_email_login: false
|
||||
## label
|
||||
#
|
||||
# A human-friendly name for your LDAP server. It is OK to change the label later,
|
||||
# for instance if you find out it is too large to fit on the web page.
|
||||
#
|
||||
# Example: 'Paris' or 'Acme, Ltd.'
|
||||
|
||||
# Base where we can search for users
|
||||
#
|
||||
# Ex. ou=People,dc=gitlab,dc=example
|
||||
#
|
||||
base: ''
|
||||
label: 'LDAP'
|
||||
|
||||
# Filter LDAP users
|
||||
#
|
||||
# Format: RFC 4515 http://tools.ietf.org/search/rfc4515
|
||||
# Ex. (employeeType=developer)
|
||||
#
|
||||
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
|
||||
#
|
||||
user_filter: ''
|
||||
host: '_your_ldap_server'
|
||||
port: 636
|
||||
uid: 'sAMAccountName'
|
||||
method: 'ssl' # "tls" or "ssl" or "plain"
|
||||
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
||||
password: '_the_password_of_the_bind_user'
|
||||
|
||||
# This setting specifies if LDAP server is Active Directory LDAP server.
|
||||
# For non AD servers it skips the AD specific queries.
|
||||
# If your LDAP server is not AD, set this to false.
|
||||
active_directory: true
|
||||
|
||||
# If allow_username_or_email_login is enabled, GitLab will ignore everything
|
||||
# after the first '@' in the LDAP username submitted by the user on login.
|
||||
#
|
||||
# Example:
|
||||
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
|
||||
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
|
||||
#
|
||||
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
|
||||
# disable this setting, because the userPrincipalName contains an '@'.
|
||||
allow_username_or_email_login: false
|
||||
|
||||
# Base where we can search for users
|
||||
#
|
||||
# Ex. ou=People,dc=gitlab,dc=example
|
||||
#
|
||||
base: ''
|
||||
|
||||
# Filter LDAP users
|
||||
#
|
||||
# Format: RFC 4515 http://tools.ietf.org/search/rfc4515
|
||||
# Ex. (employeeType=developer)
|
||||
#
|
||||
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
|
||||
#
|
||||
user_filter: ''
|
||||
|
||||
## OmniAuth settings
|
||||
omniauth:
|
||||
|
@ -299,6 +321,21 @@ test:
|
|||
project_url: "http://redmine/projects/:issues_tracker_id"
|
||||
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
|
||||
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
|
||||
ldap:
|
||||
enabled: false
|
||||
servers:
|
||||
-
|
||||
provider_id: main
|
||||
label: ldap
|
||||
host: 127.0.0.1
|
||||
port: 3890
|
||||
uid: 'uid'
|
||||
method: 'plain' # "tls" or "ssl" or "plain"
|
||||
base: 'dc=example,dc=com'
|
||||
user_filter: ''
|
||||
group_base: 'ou=groups,dc=example,dc=com'
|
||||
admin_group: ''
|
||||
sync_ssh_keys: false
|
||||
|
||||
staging:
|
||||
<<: *base
|
||||
|
|
Loading…
Reference in New Issue