diff options
Diffstat (limited to 'doc/security')
-rw-r--r-- | doc/security/README.md | 1 | ||||
-rw-r--r-- | doc/security/reset_root_password.md | 2 | ||||
-rw-r--r-- | doc/security/two_factor_authentication.md | 2 | ||||
-rw-r--r-- | doc/security/unlock_user.md | 31 | ||||
-rw-r--r-- | doc/security/user_email_confirmation.md | 4 |
5 files changed, 36 insertions, 4 deletions
diff --git a/doc/security/README.md b/doc/security/README.md index d397ff104ab..e22dc00759d 100644 --- a/doc/security/README.md +++ b/doc/security/README.md @@ -10,6 +10,7 @@ comments: false - [Webhooks and insecure internal web services](webhooks.md) - [Information exclusivity](information_exclusivity.md) - [Reset your root password](reset_root_password.md) +- [Unlock a locked user](unlock_user.md) - [User File Uploads](user_file_uploads.md) - [How we manage the CRIME vulnerability](crime_vulnerability.md) - [Enforce Two-factor authentication](two_factor_authentication.md) diff --git a/doc/security/reset_root_password.md b/doc/security/reset_root_password.md index 3c13f262677..6a882ed6fe5 100644 --- a/doc/security/reset_root_password.md +++ b/doc/security/reset_root_password.md @@ -37,4 +37,4 @@ Don't forget to save the changes. user.save! ``` -Exit the console and try to login with your new password.
\ No newline at end of file +Exit the console and try to login with your new password. diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md index f02f7b807cf..cd290a80314 100644 --- a/doc/security/two_factor_authentication.md +++ b/doc/security/two_factor_authentication.md @@ -11,7 +11,7 @@ You can read more about it here: ## Enforcing 2FA for all users Users on GitLab, can enable it without any admin's intervention. If you want to -enforce everyone to setup 2FA, you can choose from two different ways: +enforce everyone to set up 2FA, you can choose from two different ways: 1. Enforce on next login 2. Suggest on next login, but allow a grace period before enforcing. diff --git a/doc/security/unlock_user.md b/doc/security/unlock_user.md new file mode 100644 index 00000000000..d5ecef7f605 --- /dev/null +++ b/doc/security/unlock_user.md @@ -0,0 +1,31 @@ +# How to unlock a locked user + +Log into your server with root privileges. Then start a Ruby on Rails console. + +Start the console with this command: + +```bash +gitlab-rails console production +``` + +Wait until the console has loaded. + +There are multiple ways to find your user. You can search for email or username. + +```bash +user = User.where(id: 1).first +``` + +or + +```bash +user = User.find_by(email: 'admin@local.host') +``` + +Unlock the user: + +```bash +user.unlock_access! +``` + +Exit the console, the user should now be able to log in again. diff --git a/doc/security/user_email_confirmation.md b/doc/security/user_email_confirmation.md index 4293944ae8b..8c07e11dcb1 100644 --- a/doc/security/user_email_confirmation.md +++ b/doc/security/user_email_confirmation.md @@ -1,7 +1,7 @@ # User email confirmation at sign-up -Gitlab admin can enable email confirmation on sign-up, if you want to confirm all +GitLab admin can enable email confirmation on sign-up, if you want to confirm all user emails before they are able to sign-in. In the Admin area under **Settings** (`/admin/application_settings`), go to section -**Sign-in Restrictions** and look for **Send confirmation email on sign-up** option. +**Sign-up Restrictions** and look for **Send confirmation email on sign-up** option. |