LDAP Integration with GitLab CE

UCS - Univention Corporate Server
#1

Hey Folks,

First time I’m using this product for a small team, so far I’m relatively impressed. But, I have a snag that threatens me to start over and try something else. I’m looking to integrate with a gitlab server, and I followed this useful threads:


https://docs.gitlab.com/ee/administration/auth/how_to_configure_ldap_gitlab_ce/#example-gitlabrb-ldap

Now, I’m able to do an ldapsearch from the gitlab server to my domain, but for some reason I cannot get GitLab software to do the same. I feel like I’m ignorant somewhere, and I feel like it’s the UID variable, I’m not sure what to set it to. According to the help thread here in the forum, they put a generic “uid” for the field. I just don’t think that’s what it’s supposed to be for gitlab. Right now, I’m simply testing without TLS/SSL, simply LDAP (until I get it setup). What am I missing here?

Thanks,

-David V

#2

Well folks, I had a good case of misspelling. It works just fine.

Sorry for the inconvenience.

In case anyone is curious what my config looked like in /etc/gitlab/gitlab.rb, it was this:

gitlab_rails['ldap_enabled'] = true
#gitlab_rails['prevent_ldap_sign_in'] = false

###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main: # 'main' is the GitLab 'provider ID' of this LDAP server
    label: 'COMPANY LDAP'
    host: 'hostname.company.org'
    port: 389
    uid: 'uid'
    bind_dn: 'uid=gitlabsrv,cn=users,dc=company,dc=org'
    password: 'testpassword' #change this
    encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
    verify_certificates: false
    smartcard_auth: false
    active_directory: false
    allow_username_or_email_login: true
    lowercase_usernames: true
    block_auto_created_users: false
    base: 'cn=users,dc=company,dc=org'
    user_filter: '(objectClass=organizationalPerson)'
2 Likes
Mastodon