We are trying to integrate our local GitLab CE installation (omnibus, version 8.12) with our LDAP server. Unfortunately, after several changes to the following configuration, we have not been able to figure out the right config.
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
  main: # 'main' is the GitLab 'provider ID' of this LDAP server
    label: 'LDAP'
    host: '******.******.***'
    port: 389
    uid: 'sAMAccountName'
    method: 'plain' # "tls" or "ssl" or "plain"
    bind_dn: 'uid=******,ou=******,o=Applications,o=******,c=******'
    password: '**********'
    timeout: 10
    active_directory: true
    allow_username_or_email_login: false
    block_auto_created_users: false
    base: 'o=******'
    user_filter: ''
    attributes:
      username: ['uid', 'userid', 'sAMAccountName']
      email: ['mailExterno', 'mail', 'email', 'userPrincipalName']
      name: 'cn'
      first_name: 'givenName'
      last_name: 'sn'
    ## EE only
    group_base: ''
    admin_group: ''
    sync_ssh_keys: false
EOS
Executing the LDAP check displays zero users:
[root@myserver mydir]# gitlab-rake gitlab:ldap:check
Checking LDAP ...
LDAP users with access to your GitLab server (only showing the first 100 results)
Server: ldapmain
Checking LDAP ... Finished
We have dozens of users in our LDAP server and many applications (such as Redmine, Jenkins, SVN...) integrated with it without problems.
Any ideas on what we are doing wrong with GitLab?
Help would be very much appreciated.
Finally we found the solution. I'm posting the answer here just in case someone else reading this and facing similar issues might find it useful.
The LDAP server I was connecting to was not an Active Directory, so the configuration changes I needed to make were:
#...
uid: 'uid'
#...
active_directory: false
#...
A very important aspect to take into account is that, in order to apply the changes, restarting GitLab is not enough; we should execute reconfigure:
sudo gitlab-ctl reconfigure
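
A check for the mismatch described in this answer, written as an added example that is not part of the original post or of GitLab itself. It parses an `ldap_servers` block shaped like the one in the question and compares it with the attribute names of one real user entry; the `lint_ldap_server` and `lint_all` helpers, the placeholder host and base, and the sample entry attributes are assumptions constructed for illustration.

```ruby
require 'yaml'

# Constructed copy of the ldap_servers block from the question; the masked
# host and base are replaced with placeholders.
LDAP_YAML = <<~EOS
  main:
    label: 'LDAP'
    host: 'ldap.example.invalid'
    port: 389
    uid: 'sAMAccountName'
    method: 'plain'
    active_directory: true
    base: 'o=example'
EOS

# Constructed attribute names of one user entry, as a directory browser would
# list them on a non-Active-Directory server.
SAMPLE_ENTRY_ATTRS = %w[uid cn sn givenName mail objectClass].freeze

# Hypothetical helper: returns the warnings for one provider's settings.
def lint_ldap_server(cfg, entry_attrs)
  attrs = entry_attrs.map(&:downcase) # LDAP attribute names are case-insensitive
  warnings = []
  uid = cfg['uid'].to_s
  unless attrs.include?(uid.downcase)
    warnings << "uid '#{uid}' is not an attribute of the sample entry; a search filter on it matches no users"
  end
  if cfg['active_directory'] && !attrs.include?('samaccountname')
    warnings << 'active_directory is true but the sample entry has no sAMAccountName (heuristic for a non-AD server)'
  end
  if cfg['method'] == 'plain'
    warnings << "method 'plain' sends the bind_dn password and user logins unencrypted; prefer 'tls' or 'ssl'"
  end
  warnings
end

# Hypothetical helper: lints every provider in the block, keyed by provider ID.
def lint_all(yaml_text, entry_attrs)
  YAML.safe_load(yaml_text).to_h { |id, cfg| [id, lint_ldap_server(cfg, entry_attrs)] }
end

if __FILE__ == $PROGRAM_NAME
  lint_all(LDAP_YAML, SAMPLE_ENTRY_ATTRS).each do |id, warnings|
    warnings.each { |w| puts "[#{id}] #{w}" }
  end
end
```

With the two changes from the answer applied (`uid: 'uid'`, `active_directory: false`), only the `method: 'plain'` warning remains.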