From 063aa5c9222da3cbbf88cb57ce18ac937b7deb26 Mon Sep 17 00:00:00 2001 From: David Date: Mon, 10 Oct 2016 13:33:48 +0000 Subject: add an other ldap configuration example --- doc/administration/auth/ldap.md | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md index bf7814875bf..9444357c53e 100644 --- a/doc/administration/auth/ldap.md +++ b/doc/administration/auth/ldap.md @@ -162,12 +162,32 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server EOS ``` +An other example: +```ruby +gitlab_rails['ldap_enabled'] = true +gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below +main: # 'main' is the GitLab 'provider ID' of this LDAP server + label: 'LDAP' + host: 'ldap.company.com' + port: 3288 + uid: 'sAMAccountName' + method: 'plain' # "tls" or "ssl" or "plain" + bind_dn: 'america\\momo' + password: 'MYPASSWORD' + active_directory: true + allow_username_or_email_login: true + base: 'DC=company,DC=com' + user_filter: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))' +EOS +``` + + **Source configuration** Use the same format as `gitlab_rails['ldap_servers']` for the contents under `servers:` in the example below: -``` + production: # snip... ldap: -- cgit v1.2.1 From a98497b2dbbc6e462a3b4fb458c1246de848d03c Mon Sep 17 00:00:00 2001 From: David Date: Mon, 24 Oct 2016 07:59:02 +0000 Subject: Add more precision about LDAP configuration --- doc/administration/auth/ldap.md | 33 ++++++++++----------------------- 1 file changed, 10 insertions(+), 23 deletions(-) diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md index 9444357c53e..9ed7cb05449 100644 --- a/doc/administration/auth/ldap.md +++ b/doc/administration/auth/ldap.md @@ -61,11 +61,15 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server # # Example: 'Paris' or 'Acme, Ltd.' label: 'LDAP' - + + # Example: 'ldap.mydomain.com' host: '_your_ldap_server' + # This port is an example, it is sometimes different but it is always an integer and not a string port: 389 uid: 'sAMAccountName' method: 'plain' # "tls" or "ssl" or "plain" + + # Examples: 'america\\momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com' bind_dn: '_the_full_dn_of_the_user_you_will_bind_with' password: '_the_password_of_the_bind_user' @@ -97,7 +101,7 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server # Base where we can search for users # - # Ex. ou=People,dc=gitlab,dc=example + # Ex. 'ou=People,dc=gitlab,dc=example' or 'DC=mydomain,DC=com' # base: '' @@ -108,6 +112,9 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server # # Note: GitLab does not support omniauth-ldap's custom filter syntax. # + # Below an example for get only specific users + # Example: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))' + # user_filter: '' # LDAP attributes that GitLab will use to create an account for the LDAP user. @@ -162,32 +169,12 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server EOS ``` -An other example: -```ruby -gitlab_rails['ldap_enabled'] = true -gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below -main: # 'main' is the GitLab 'provider ID' of this LDAP server - label: 'LDAP' - host: 'ldap.company.com' - port: 3288 - uid: 'sAMAccountName' - method: 'plain' # "tls" or "ssl" or "plain" - bind_dn: 'america\\momo' - password: 'MYPASSWORD' - active_directory: true - allow_username_or_email_login: true - base: 'DC=company,DC=com' - user_filter: '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))' -EOS -``` - - **Source configuration** Use the same format as `gitlab_rails['ldap_servers']` for the contents under `servers:` in the example below: - +``` production: # snip... ldap: -- cgit v1.2.1