Commit 6885379574e797358e909c0ac2ee77479dce2b03
1 parent
d8d33681
Exists in
master
removing LDAP instructions
Showing
3 changed files
with
0 additions
and
154 deletions
Show diff stats
LDAP-INSTALL/base.ldif
| ... | ... | @@ -1,33 +0,0 @@ |
| 1 | -dn: ou=Users,dc=colab,dc=dev | |
| 2 | -objectClass: organizationalUnit | |
| 3 | -ou: Users | |
| 4 | - | |
| 5 | -dn: uid=jsmith,ou=Users,dc=colab,dc=dev | |
| 6 | -objectClass: organizationalPerson | |
| 7 | -objectClass: person | |
| 8 | -objectClass: top | |
| 9 | -objectClass: inetOrgPerson | |
| 10 | -objectClass: posixAccount | |
| 11 | -objectClass: shadowAccount | |
| 12 | -uid: jsmith | |
| 13 | -sn: Smith | |
| 14 | -givenName: John | |
| 15 | -cn: John Smith | |
| 16 | -displayName: John Smith | |
| 17 | -uidNumber: 10000 | |
| 18 | -gidNumber: 10000 | |
| 19 | -userPassword: test | |
| 20 | -gecos: John Smith | |
| 21 | -loginShell: /bin/bash | |
| 22 | -homeDirectory: /profiles/jsmith | |
| 23 | -mail: gustmax@hotmail.com | |
| 24 | -telephoneNumber: 000-000-0000 | |
| 25 | -st: NY | |
| 26 | -manager: uid=jsmith,ou=Users,dc=colab,dc=dev | |
| 27 | -shadowExpire: -1 | |
| 28 | -shadowFlag: 0 | |
| 29 | -shadowWarning: 7 | |
| 30 | -shadowMin: 8 | |
| 31 | -shadowMax: 999999 | |
| 32 | -shadowLastChange: 10877 | |
| 33 | -title: System Administrator |
LDAP-INSTALL/index.ldif
LDAP-INSTALL/ldap_for_gitlab.md
| ... | ... | @@ -1,117 +0,0 @@ |
| 1 | -[extracted from: https://gitlab.com/gitlab-org/cookbook-gitlab/blob/master/doc/open_LDAP.md] | |
| 2 | -### Gitlab OpenLDAP setup | |
| 3 | - | |
| 4 | -#### Description | |
| 5 | - | |
| 6 | -This guide will help you setup OpenLDAP in case you need an LDAP server in your dev environment for GitLab. | |
| 7 | - | |
| 8 | -#### Setup | |
| 9 | - | |
| 10 | -install open ldap: | |
| 11 | - | |
| 12 | -```bash | |
| 13 | -sudo apt-get install slapd ldap-utils -y | |
| 14 | -``` | |
| 15 | - | |
| 16 | -This will prompt a setup window so we need to populate it with the correct credentials. | |
| 17 | - | |
| 18 | -When asked for administrator password use `colabldap`. | |
| 19 | -Repeat the password to confirm it. | |
| 20 | - | |
| 21 | -We will use the advantage of slapd setup to fully configure LDAP instead of filling in the details by hand in a text file: | |
| 22 | - | |
| 23 | -```bash | |
| 24 | -sudo dpkg-reconfigure slapd | |
| 25 | -``` | |
| 26 | -Answer the following questions: | |
| 27 | - | |
| 28 | -*You will be asked to omit OpenLDAP server configuration: `No` | |
| 29 | -*Under DNS domain name fill in: `colab.dev` | |
| 30 | -*Under organization name fill in: `colab.dev` | |
| 31 | -*Under administrator password fill in: `colabldap` | |
| 32 | -*Repeat password: `colabldap | |
| 33 | -*Database backend to use, select: `HDB` | |
| 34 | -*Do you want database to be removed when slapd is purged: `Yes` | |
| 35 | -*Move old database, choose: `Yes` | |
| 36 | -*Allow LDAPv2 protocol, choose: `No` | |
| 37 | - | |
| 38 | -** If at any point you get the error: ** | |
| 39 | - | |
| 40 | -``` | |
| 41 | -ldap_bind: Invalid credentials (49) | |
| 42 | -``` | |
| 43 | - | |
| 44 | -configure slapd again. | |
| 45 | - | |
| 46 | -Next, add index to make lookup easier, use the file index.ldif | |
| 47 | - | |
| 48 | -```bash | |
| 49 | -sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f index.ldif | |
| 50 | -``` | |
| 51 | - | |
| 52 | -This should produce the following output: | |
| 53 | - | |
| 54 | -``` | |
| 55 | -modifying entry "olcDatabase={1}hdb,cn=config" | |
| 56 | -``` | |
| 57 | -If this is not the case recheck your steps and try again. | |
| 58 | - | |
| 59 | -You can verify that all is working: | |
| 60 | - | |
| 61 | -```bash | |
| 62 | -sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(olcDatabase={1}hdb)' olcDbIndex | |
| 63 | -``` | |
| 64 | -This should produce the following output: | |
| 65 | - | |
| 66 | -``` | |
| 67 | -dn: olcDatabase={1}hdb,cn=config | |
| 68 | -olcDbIndex: objectClass eq | |
| 69 | -olcDbIndex: uid eq,pres,sub | |
| 70 | -``` | |
| 71 | -If this is not the case recheck your steps and try again. | |
| 72 | - | |
| 73 | -Next step is to create an ldap user. | |
| 74 | - | |
| 75 | -Add the user to the LDAP database: | |
| 76 | - | |
| 77 | -```bash | |
| 78 | -ldapadd -x -D cn=admin,dc=colab,dc=dev -w colabldap -f base.ldif | |
| 79 | -``` | |
| 80 | - | |
| 81 | -This should produce the following output: | |
| 82 | - | |
| 83 | -``` | |
| 84 | -adding new entry "ou=Users,dc=colab,dc=dev" | |
| 85 | - | |
| 86 | -adding new entry "uid=jsmith,ou=Users,dc=colab,dc=dev" | |
| 87 | -``` | |
| 88 | -If this is not the case recheck your steps and try again. | |
| 89 | - | |
| 90 | -To confirm that the user is in LDAP, use: | |
| 91 | - | |
| 92 | -```bash | |
| 93 | -ldapsearch -x -LLL -b dc=colab,dc=dev 'uid=jsmith' uid uidNumber displayName | |
| 94 | -``` | |
| 95 | -and that should produce the output that looks like: | |
| 96 | - | |
| 97 | -``` | |
| 98 | -dn: uid=jsmith,ou=Users,dc=colab,dc=dev | |
| 99 | -uid: jsmith | |
| 100 | -displayName: John Smith | |
| 101 | -uidNumber: 10000 | |
| 102 | -``` | |
| 103 | -This would complete setting up the OpenLDAP server. Only thing that is left to do is to give the correct details to GitLab. | |
| 104 | -Under `gitlab.yml` there is a LDAP section that should look like this: | |
| 105 | - | |
| 106 | -``` | |
| 107 | - ## LDAP settings | |
| 108 | - ldap: | |
| 109 | - enabled: true | |
| 110 | - host: 'colab.dev' | |
| 111 | - base: 'dc=colab,dc=dev' | |
| 112 | - port: 389 | |
| 113 | - uid: 'uid' | |
| 114 | - method: 'plain' # "ssl" or "plain" | |
| 115 | - bind_dn: 'cn=admin,dc=colab,dc=dev' | |
| 116 | - password: 'colabldap' | |
| 117 | -``` |