Translate

Friday, December 1, 2023

gitlab-ee with AD authentication

1. create ldap.yml under /etc/gitlab/ with these content:

main:

  label: 'Active Directory'

  host: 'ldapserver.mydomain.com'

  port: 3269

  active_directory: true

  uid: 'sAMAccountName'

  method: 'ssl'

  bind_dn: 'CN=gitlab_LDAP_prod,OU=Generic_IDs,OU=Users,OU=symcor Inc,dc=mydomain,dc=com'

  password: 'CjRfLeQV1'

  base: 'OU=Symcor Inc,dc=mydomain,dc=com'

  group_base: 'OU=Managed_groups,OU=Groups,OU=Symcor Inc,DC=mydomain,DC=com'

  group_filter: '(&(objectCategory=Group)(cn=GRP_GIT*))'

  user_filter: '(&(objectCategory=Person)(sAMAccountName=*)(|(memberOf=CN=GRP_GITLAB_ADMIN,OU=Managed_Gro

ups,OU=Groups,OU=Symcor Inc,DC=mydomain,DC=com)(memberOf=CN=GRP_GITLAB_USER,OU=Managed_Groups,OU=Groups,OU

=mydomain,DC=mydomain,DC=com)))'

  admin_group: 'GRP_GITLAB_ADMIN'

  external_groups: [ 'GRP_GITLAB_USER' ]

  attributes:

       username: ['sAMAccountName']

       email:    ['mail']

       name:       'cn'

       first_name: 'givenName'

       last_name:  'sn'

2. gitlab-ctl reconfigure

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)