Add more precision about LDAP configuration
This commit is contained in:
David
parent
063aa5c922
commit
a98497b2db
1 changed files with 10 additions and 23 deletions
|
|
@ -62,10 +62,14 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
||||||
# Example: 'Paris' or 'Acme, Ltd.'
|
# Example: 'Paris' or 'Acme, Ltd.'
|
||||||
label: 'LDAP'
|
label: 'LDAP'
|
||||||
|
|
||||||
|
# Example: 'ldap.mydomain.com'
|
||||||
host: '_your_ldap_server'
|
host: '_your_ldap_server'
|
||||||
|
# This port is an example, it is sometimes different but it is always an integer and not a string
|
||||||
port: 389
|
port: 389
|
||||||
uid: 'sAMAccountName'
|
uid: 'sAMAccountName'
|
||||||
method: 'plain' # "tls" or "ssl" or "plain"
|
method: 'plain' # "tls" or "ssl" or "plain"
|
||||||
|
|
||||||
|
# Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
|
||||||
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
||||||
password: '_the_password_of_the_bind_user'
|
password: '_the_password_of_the_bind_user'
|
||||||
|
|
||||||
|
|
@ -97,7 +101,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
||||||
|
|
||||||
# Base where we can search for users
|
# Base where we can search for users
|
||||||
#
|
#
|
||||||
# Ex. ou=People,dc=gitlab,dc=example
|
# Ex. 'ou=People,dc=gitlab,dc=example' or 'DC=mydomain,DC=com'
|
||||||
#
|
#
|
||||||
base: ''
|
base: ''
|
||||||
|
|
||||||
|
|
@ -108,6 +112,9 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
||||||
#
|
#
|
||||||
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
|
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
|
||||||
#
|
#
|
||||||
|
# Below an example for get only specific users
|
||||||
|
# Example: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
|
||||||
|
#
|
||||||
user_filter: ''
|
user_filter: ''
|
||||||
|
|
||||||
# LDAP attributes that GitLab will use to create an account for the LDAP user.
|
# LDAP attributes that GitLab will use to create an account for the LDAP user.
|
||||||
|
|
@ -162,32 +169,12 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
||||||
EOS
|
EOS
|
||||||
```
|
```
|
||||||
|
|
||||||
An other example:
|
|
||||||
```ruby
|
|
||||||
gitlab_rails['ldap_enabled'] = true
|
|
||||||
gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
|
|
||||||
main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
|
||||||
label: 'LDAP'
|
|
||||||
host: 'ldap.company.com'
|
|
||||||
port: 3288
|
|
||||||
uid: 'sAMAccountName'
|
|
||||||
method: 'plain' # "tls" or "ssl" or "plain"
|
|
||||||
bind_dn: 'america\\momo'
|
|
||||||
password: 'MYPASSWORD'
|
|
||||||
active_directory: true
|
|
||||||
allow_username_or_email_login: true
|
|
||||||
base: 'DC=company,DC=com'
|
|
||||||
user_filter: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
|
|
||||||
EOS
|
|
||||||
```
|
|
||||||
|
|
||||||
|
|
||||||
**Source configuration**
|
**Source configuration**
|
||||||
|
|
||||||
Use the same format as `gitlab_rails['ldap_servers']` for the contents under
|
Use the same format as `gitlab_rails['ldap_servers']` for the contents under
|
||||||
`servers:` in the example below:
|
`servers:` in the example below:
|
||||||
|
|
||||||
|
```
|
||||||
production:
|
production:
|
||||||
# snip...
|
# snip...
|
||||||
ldap:
|
ldap:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue