Skip to content

G
gitlab-ce
Commit a98497b2 authored by David's avatar David
Browse files
Options

Add more precision about LDAP configuration

parent 063aa5c9
Hide whitespace changes
Inline Side-by-side
Showing with 10 additions and 23 deletions
doc/administration/auth/ldap.md
View file @ a98497b2
...@@ -61,11 +61,15 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server ...@@ -61,11 +61,15 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
# #
# Example: 'Paris' or 'Acme, Ltd.' # Example: 'Paris' or 'Acme, Ltd.'
label: 'LDAP' label: 'LDAP'
# Example: 'ldap.mydomain.com'
host: '_your_ldap_server' host: '_your_ldap_server'
# This port is an example, it is sometimes different but it is always an integer and not a string
port: 389 port: 389
uid: 'sAMAccountName' uid: 'sAMAccountName'
method: 'plain' # "tls" or "ssl" or "plain" method: 'plain' # "tls" or "ssl" or "plain"
# Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user' password: '_the_password_of_the_bind_user'
...@@ -97,7 +101,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server ...@@ -97,7 +101,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
# Base where we can search for users # Base where we can search for users
# #
# Ex. ou=People,dc=gitlab,dc=example # Ex. 'ou=People,dc=gitlab,dc=example' or 'DC=mydomain,DC=com'
# #
base: '' base: ''
...@@ -108,6 +112,9 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server ...@@ -108,6 +112,9 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
# #
# Note: GitLab does not support omniauth-ldap's custom filter syntax. # Note: GitLab does not support omniauth-ldap's custom filter syntax.
# #
# Below an example for get only specific users
# Example: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
#
user_filter: '' user_filter: ''
# LDAP attributes that GitLab will use to create an account for the LDAP user. # LDAP attributes that GitLab will use to create an account for the LDAP user.
...@@ -162,32 +169,12 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server ...@@ -162,32 +169,12 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
EOS EOS
``` ```
An other example:
```ruby
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: 'ldap.company.com'
port: 3288
uid: 'sAMAccountName'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: 'america\\momo'
password: 'MYPASSWORD'
active_directory: true
allow_username_or_email_login: true
base: 'DC=company,DC=com'
user_filter: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
EOS
```
**Source configuration** **Source configuration**
Use the same format as `gitlab_rails['ldap_servers']` for the contents under Use the same format as `gitlab_rails['ldap_servers']` for the contents under
`servers:` in the example below: `servers:` in the example below:
```
production: production:
# snip... # snip...
ldap: ldap:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7