Commit fce242c023c0ffc5b4ed4a87d237c30aaf0c0138
1 parent
c2225cc5
Exists in
master
and in
16 other branches
Add support for GitLab EE LDAP attributes
Showing
2 changed files
with
15 additions
and
0 deletions
Show diff stats
files/gitlab-cookbooks/gitlab/attributes/default.rb
| ... | ... | @@ -86,6 +86,8 @@ default['gitlab']['gitlab-rails']['ldap_method'] = "ssl" |
| 86 | 86 | default['gitlab']['gitlab-rails']['ldap_bind_dn'] = "_the_full_dn_of_the_user_you_will_bind_with" |
| 87 | 87 | default['gitlab']['gitlab-rails']['ldap_password'] = "_the_password_of_the_bind_user" |
| 88 | 88 | default['gitlab']['gitlab-rails']['ldap_allow_username_or_email_login'] = true |
| 89 | +default['gitlab']['gitlab-rails']['ldap_user_filter'] = "" | |
| 90 | +default['gitlab']['gitlab-rails']['ldap_group_base'] = "" | |
| 89 | 91 | default['gitlab']['gitlab-rails']['satellites_path'] = "/var/opt/gitlab/git-data/gitlab-satellites" |
| 90 | 92 | default['gitlab']['gitlab-rails']['backup_path'] = "/var/opt/gitlab/backups" |
| 91 | 93 | default['gitlab']['gitlab-rails']['gitlab_shell_path'] = "/opt/gitlab/embedded/service/gitlab-shell/" | ... | ... |
files/gitlab-cookbooks/gitlab/templates/default/gitlab.yml.erb
| ... | ... | @@ -142,6 +142,19 @@ production: &base |
| 142 | 142 | # disable this setting, because the userPrincipalName contains an '@'. |
| 143 | 143 | allow_username_or_email_login: <%= @ldap_allow_username_or_email_login %> |
| 144 | 144 | |
| 145 | + # Filter LDAP users | |
| 146 | + # | |
| 147 | + # Format: RFC 4515 | |
| 148 | + # Ex. (employeeType=developer) | |
| 149 | + # | |
| 150 | + user_filter: '<%= @ldap_user_filter %>' | |
| 151 | + | |
| 152 | + # Base where we can search for groups | |
| 153 | + # | |
| 154 | + # Ex. ou=Groups,dc=gitlab,dc=example | |
| 155 | + # | |
| 156 | + group_base: '<%= @ldap_group_base %>' | |
| 157 | + | |
| 145 | 158 | ## OmniAuth settings |
| 146 | 159 | omniauth: |
| 147 | 160 | # Allow login via Twitter, Google, etc. using OmniAuth providers | ... | ... |