# This setting controls the amount of time between LDAP permission checks for each user.
password: '_the_password_of_the_bind_user'
# After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
# How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
# When authenticating against an ldap server, this will provide a unique identifier
# The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
# Only use uniq numbers here
#
index: 1
# Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
# sync_time: 3600
# This setting controls the amount of time between LDAP permission checks for each user.
# After this time has expired for a given user, their next interaction with GitLab (a click in the web UI, a git pull etc.) will be slower because the LDAP permission check is being performed.
# If allow_username_or_email_login is enabled, GitLab will ignore everything
# How much slower depends on your LDAP setup, but it is not uncommon for this check to add seconds of waiting time.
# after the first '@' in the LDAP username submitted by the user on login.
# The default value is to have a 'slow click' once every 3600 seconds, i.e. once per hour.
#
#
# Example:
# Warning: if you set this value too low, every click in GitLab will be a 'slow click' for all of your LDAP users.
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
# sync_time: 3600
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
#
# If allow_username_or_email_login is enabled, GitLab will ignore everything
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
# after the first '@' in the LDAP username submitted by the user on login.
# disable this setting, because the userPrincipalName contains an '@'.
#
allow_username_or_email_login: false
# Example:
# - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
# Base where we can search for users
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
#
#
# Ex. ou=People,dc=gitlab,dc=example
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
#
# disable this setting, because the userPrincipalName contains an '@'.
base: ''
allow_username_or_email_login: false
# Filter LDAP users
# Base where we can search for users
#
#
# Format: RFC 4515
# Ex. ou=People,dc=gitlab,dc=example
# Ex. (employeeType=developer)
#
#
base: ''
user_filter: ''
# Filter LDAP users
# Base where we can search for groups
#
#
# Format: RFC 4515
# Ex. ou=Groups,dc=gitlab,dc=example
# Ex. (employeeType=developer)
#
#
group_base: ''
user_filter: ''
# LDAP group of users who should be admins in GitLab
# Base where we can search for groups
#
#
# Ex. GLAdmins
# Ex. ou=Groups,dc=gitlab,dc=example
#
#
admin_group: ''
group_base: ''
# Name of attribute which holds a ssh public key of the user object.
# LDAP group of users who should be admins in GitLab
# If false or nil, SSH key syncronisation will be disabled.
#
#
# Ex. GLAdmins
# Ex. sshpublickey
#
#
admin_group: ''
sync_ssh_keys: false
# Name of attribute which holds a ssh public key of the user object.
# If false or nil, SSH key syncronisation will be disabled.
