diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-24 21:07:54 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-24 21:07:54 +0000 |
commit | c4db541c1b2c97ab1eda354ea3899489fe5c33e5 (patch) | |
tree | 45d5d381232179082ea11136e3b53211b37349d5 /doc/administration/troubleshooting | |
parent | 603c7d4cac5e28bc1c75e50c23ed2cbe56f1aafc (diff) | |
download | gitlab-ce-c4db541c1b2c97ab1eda354ea3899489fe5c33e5.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/administration/troubleshooting')
-rw-r--r-- | doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index ec7b4c20462..15ed436fb34 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -536,98 +536,6 @@ group = Group.find_by_path_or_name('group-name') group.project_creation_level=0 ``` -## LDAP - -### LDAP commands in the rails console - -TIP: **TIP:** -Use the rails runner to avoid entering the rails console in the first place. -This is great when only a single command (such as a UserSync or GroupSync) -is needed. - -```ruby -# Get debug output -Rails.logger.level = Logger::DEBUG - -# Run a UserSync (normally performed once a day) -LdapSyncWorker.new.perform - -# Run a GroupSync for all groups (9.3-) -LdapGroupSyncWorker.new.perform - -# Run a GroupSync for all groups (9.3+) -LdapAllGroupsSyncWorker.new.perform - -# Run a GroupSync for a single group (10.6-) -group = Group.find_by(name: 'my_gitlab_group') -EE::Gitlab::LDAP::Sync::Group.execute_all_providers(group) - -# Run a GroupSync for a single group (10.6+) -group = Group.find_by(name: 'my_gitlab_group') -EE::Gitlab::Auth::Ldap::Sync::Group.execute_all_providers(group) - -# Query an LDAP group directly (10.6-) -adapter = Gitlab::LDAP::Adapter.new('ldapmain') # If `main` is the LDAP provider -ldap_group = EE::Gitlab::LDAP::Group.find_by_cn('group_cn_here', adapter) -ldap_group.member_dns -ldap_group.member_uids - -# Query an LDAP group directly (10.6+) -adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP provider -ldap_group = EE::Gitlab::Auth::Ldap::Group.find_by_cn('group_cn_here', adapter) -ldap_group.member_dns -ldap_group.member_uids - -# Lookup a particular user (10.6+) -# This could expose potential errors connecting to and/or querying LDAP that may seem to -# fail silently in the GitLab UI -adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') # If `main` is the LDAP provider -user = Gitlab::Auth::Ldap::Person.find_by_uid('<username>',adapter) - -# Query the LDAP server directly (10.6+) -## For an example, see https://gitlab.com/gitlab-org/gitlab/blob/master/ee/lib/ee/gitlab/auth/ldap/adapter.rb -adapter = Gitlab::Auth::Ldap::Adapter.new('ldapmain') -options = { - # the :base is required - # use adapter.config.base for the base or .group_base for the group_base - base: adapter.config.group_base, - - # :filter is optional - # 'cn' looks for all "cn"s under :base - # '*' is the search string - here, it's a wildcard - filter: Net::LDAP::Filter.eq('cn', '*'), - - # :attributes is optional - # the attributes we want to get returned - attributes: %w(dn cn memberuid member submember uniquemember memberof) -} -adapter.ldap_search(options) -``` - -### Update user accounts when the `dn` and email change - -The following will require that any accounts with the new email address are removed. -Emails have to be unique in GitLab. This is expected to work but unverified as of yet: - -```ruby -# Here's an example with a couple users. -# Each entry will have to include the old username and the new email -emails = { - 'ORIGINAL_USERNAME' => 'NEW_EMAIL_ADDRESS', - ... -} - -emails.each do |username, email| - user = User.find_by_username(username) - user.email = email - user.skip_reconfirmation! - user.save! -end - -# Run the UserSync to update the above users' data -LdapSyncWorker.new.perform -``` - ## Routes ### Remove redirecting routes |