Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
3cd5abf6
Commit
3cd5abf6
authored
Oct 13, 2014
by
Jan-Willem van der Meer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add config changes for mutliple LDAP support (EE only)
parent
a7e071e9
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
75 additions
and
38 deletions
+75
-38
config/gitlab.yml.example
config/gitlab.yml.example
+75
-38
No files found.
config/gitlab.yml.example
View file @
3cd5abf6
...
@@ -134,44 +134,66 @@ production: &base
...
@@ -134,44 +134,66 @@ production: &base
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
# bundle exec rake gitlab:ldap:check RAILS_ENV=production
ldap:
ldap:
enabled: false
enabled: false
host: '_your_ldap_server'
servers:
port: 636
-
uid: 'sAMAccountName'
## provider_id
method: 'ssl' # "tls" or "ssl" or "plain"
#
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
# This identifier is used by GitLab to keep track of which LDAP server each
password: '_the_password_of_the_bind_user'
# GitLab user belongs to. Each LDAP server known to GitLab should have a unique
# provider_id. This identifier cannot be changed once users from the LDAP server
# This setting specifies if LDAP server is Active Directory LDAP server.
# have started logging in to GitLab.
# For non AD servers it skips the AD specific queries.
#
# If your LDAP server is not AD, set this to false.
# Format: one word, using a-z (lower case) and 0-9
active_directory: true
# Example: 'paris' or 'uswest2'
# If allow_username_or_email_login is enabled, GitLab will ignore everything
provider_id: main
# after the first '@' in the LDAP username submitted by the user on login.
#
## label
# Example:
#
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
# A human-friendly name for your LDAP server. It is OK to change the label later,
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
# for instance if you find out it is too large to fit on the web page.
#
#
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
# Example: 'Paris' or 'Acme, Ltd.'
# disable this setting, because the userPrincipalName contains an '@'.
allow_username_or_email_login: false
label: 'LDAP'
# Base where we can search for users
host: '_your_ldap_server'
#
port: 636
# Ex. ou=People,dc=gitlab,dc=example
uid: 'sAMAccountName'
#
method: 'ssl' # "tls" or "ssl" or "plain"
base: ''
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user'
# Filter LDAP users
#
# This setting specifies if LDAP server is Active Directory LDAP server.
# Format: RFC 4515 http://tools.ietf.org/search/rfc4515
# For non AD servers it skips the AD specific queries.
# Ex. (employeeType=developer)
# If your LDAP server is not AD, set this to false.
#
active_directory: true
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
#
# If allow_username_or_email_login is enabled, GitLab will ignore everything
user_filter: ''
# after the first '@' in the LDAP username submitted by the user on login.
#
# Example:
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
#
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
# disable this setting, because the userPrincipalName contains an '@'.
allow_username_or_email_login: false
# Base where we can search for users
#
# Ex. ou=People,dc=gitlab,dc=example
#
base: ''
# Filter LDAP users
#
# Format: RFC 4515 http://tools.ietf.org/search/rfc4515
# Ex. (employeeType=developer)
#
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
#
user_filter: ''
## OmniAuth settings
## OmniAuth settings
omniauth:
omniauth:
...
@@ -299,6 +321,21 @@ test:
...
@@ -299,6 +321,21 @@ test:
project_url: "http://redmine/projects/:issues_tracker_id"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
ldap:
enabled: false
servers:
-
provider_id: main
label: ldap
host: 127.0.0.1
port: 3890
uid: 'uid'
method: 'plain' # "tls" or "ssl" or "plain"
base: 'dc=example,dc=com'
user_filter: ''
group_base: 'ou=groups,dc=example,dc=com'
admin_group: ''
sync_ssh_keys: false
staging:
staging:
<<: *base
<<: *base
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment