Update LDAP SSL config options
This commit is contained in:
parent
0b4eb7f218
commit
fdaa49ca29
|
@ -69,14 +69,42 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
|||
# Example: 'ldap.mydomain.com'
|
||||
host: '_your_ldap_server'
|
||||
# This port is an example, it is sometimes different but it is always an integer and not a string
|
||||
port: 389
|
||||
port: 389 # usually 636 for SSL
|
||||
uid: 'sAMAccountName' # This should be the attribute, not the value that maps to uid.
|
||||
method: 'plain' # "tls" or "ssl" or "plain"
|
||||
|
||||
# Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
|
||||
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
|
||||
password: '_the_password_of_the_bind_user'
|
||||
|
||||
# Encryption method. The "method" key is deprecated in favor of
|
||||
# "encryption".
|
||||
#
|
||||
# Examples: "start_tls" or "simple_tls" or "plain"
|
||||
#
|
||||
# Deprecated values: "tls" was replaced with "start_tls" and "ssl" was
|
||||
# replaced with "simple_tls".
|
||||
#
|
||||
encryption: 'plain'
|
||||
|
||||
# Enables SSL certificate verification if encryption method is
|
||||
# "start_tls" or "simple_tls". (Defaults to false for backward-
|
||||
# compatibility)
|
||||
verify_certificates: false
|
||||
|
||||
# Specifies the path to a file containing a PEM-format CA certificate,
|
||||
# e.g. if you need to use an internal CA.
|
||||
#
|
||||
# Example: '/etc/ca.pem'
|
||||
#
|
||||
ca_cert: ''
|
||||
|
||||
# Specifies the SSL version for OpenSSL to use, if the OpenSSL default
|
||||
# is not appropriate.
|
||||
#
|
||||
# Example: 'TLSv1_1'
|
||||
#
|
||||
ssl_version: ''
|
||||
|
||||
# Set a timeout, in seconds, for LDAP queries. This helps avoid blocking
|
||||
# a request if the LDAP server becomes unresponsive.
|
||||
# A value of 0 means there is no timeout.
|
||||
|
@ -116,8 +144,8 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
|
|||
#
|
||||
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
|
||||
#
|
||||
# Below an example for get only specific users
|
||||
# Example: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
|
||||
# Example for getting only specific users:
|
||||
# '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
|
||||
#
|
||||
user_filter: ''
|
||||
|
||||
|
|
Loading…
Reference in New Issue