Re: [gitorious] ldap groups plus gitorious teams
hi, i've enabled ldap authorization, and now can see Ldap group names box. But it seems like groups are not checked using my ldap server, so i can create team with any ldap group as a member. But even if I add group that exists on my ldap server, it still have 0 members in it. Please, advice how i can debug this issue, there is nothing in logs. On Friday, December 14, 2012 1:32:35 PM UTC+2, DanSab wrote: Thank you, Marius. It is working well now. четверг, 13 декабря 2012 г., 17:47:29 UTC+4 пользователь Marius Mårnes Mathiesen написал: On Thu, Dec 13, 2012 at 03:55:56AM -0800, DanSab wrote: Very strange. I reinstalled gitorious from scratch and got the same results - ldap authentication is working but there is no ldap functionality on create team page. May be I should change something else that was not mentioned in post on blog.gitorious.org http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ Hi, It appears there's a typo in the gitorious.sample.yml file :-( You should try entering: use_ldap_authorization: true in config/gitorious.yml. The sample file says use_ldap_for_authorization, which is a bug which we have fixed in the rails3 branch due to be merged into next in a couple of days. Try changing that and see if it helps. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
Re: [gitorious] ldap groups plus gitorious teams
Thank you, Marius. It is working well now. четверг, 13 декабря 2012 г., 17:47:29 UTC+4 пользователь Marius Mårnes Mathiesen написал: On Thu, Dec 13, 2012 at 03:55:56AM -0800, DanSab wrote: Very strange. I reinstalled gitorious from scratch and got the same results - ldap authentication is working but there is no ldap functionality on create team page. May be I should change something else that was not mentioned in post on blog.gitorious.org http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ Hi, It appears there's a typo in the gitorious.sample.yml file :-( You should try entering: use_ldap_authorization: true in config/gitorious.yml. The sample file says use_ldap_for_authorization, which is a bug which we have fixed in the rails3 branch due to be merged into next in a couple of days. Try changing that and see if it helps. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
Re: [gitorious] ldap groups plus gitorious teams
Very strange. I reinstalled gitorious from scratch and got the same results - ldap authentication is working but there is no ldap functionality on create team page. May be I should change something else that was not mentioned in post on blog.gitorious.orghttp://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ ? среда, 12 декабря 2012 г., 14:19:29 UTC+4 пользователь DanSab написал: Thank you for so fast answer. But it seems I configured something wrong, because my new team form seems quite usual http://img203.imageshack.us/img203/1403/gitoriusteamadd.png;. I would be grateful if you point me out where misconfiguration may be. среда, 12 декабря 2012 г., 12:42:59 UTC+4 пользователь Marius Mårnes Mathiesen написал: On Tue, Dec 11, 2012 at 11:27:38PM -0800, DanSab wrote: Hello. I have a question about new ldap authorization capabilities. I set up new instance of gitorious, tuned authentication.yml and now can log into web-interface with my Active Directory credentials. But still can't find out how i can include ldap groups into gitorious teams as it mentioned here: http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ ...you still define Teams in Gitorious – but those teams have LDAP groups as members, not users... Daniil, Sorry we haven't gotten around to documenting this better yet. Once you have set this up correctly, you should see a slightly different-looking form when visiting the /teams/new URL on your server. Instead of the regular form, you should see a textarea where you can enter names of LDAP groups to make your team. In this field you should list the name of one LDAP group name per line; just add the attributes that are not part the `group_search_dn` you have defined for your server in config/authentication.yml. If your server has a group_search_dn of ou=groups,dc=example, and you have a group cn=developers,ou=groups,dc=example, you should enter cn=developers on one of the lines in the member list. Gitorious will verify that this group exists on your LDAP server and give an error message if that fails. Add as many LDAP groups as you wish (again, one per line), but keep in mind that your LDAP server may support having groups as members of groups for you. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
Re: [gitorious] ldap groups plus gitorious teams
On Thu, Dec 13, 2012 at 03:55:56AM -0800, DanSab wrote: Very strange. I reinstalled gitorious from scratch and got the same results - ldap authentication is working but there is no ldap functionality on create team page. May be I should change something else that was not mentioned in post on blog.gitorious.orghttp://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ Hi, It appears there's a typo in the gitorious.sample.yml file :-( You should try entering: use_ldap_authorization: true in config/gitorious.yml. The sample file says use_ldap_for_authorization, which is a bug which we have fixed in the rails3 branch due to be merged into next in a couple of days. Try changing that and see if it helps. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
Re: [gitorious] ldap groups plus gitorious teams
On Tue, Dec 11, 2012 at 11:27:38PM -0800, DanSab wrote: Hello. I have a question about new ldap authorization capabilities. I set up new instance of gitorious, tuned authentication.yml and now can log into web-interface with my Active Directory credentials. But still can't find out how i can include ldap groups into gitorious teams as it mentioned here: http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ ...you still define Teams in Gitorious – but those teams have LDAP groups as members, not users... Daniil, Sorry we haven't gotten around to documenting this better yet. Once you have set this up correctly, you should see a slightly different-looking form when visiting the /teams/new URL on your server. Instead of the regular form, you should see a textarea where you can enter names of LDAP groups to make your team. In this field you should list the name of one LDAP group name per line; just add the attributes that are not part the `group_search_dn` you have defined for your server in config/authentication.yml. If your server has a group_search_dn of ou=groups,dc=example, and you have a group cn=developers,ou=groups,dc=example, you should enter cn=developers on one of the lines in the member list. Gitorious will verify that this group exists on your LDAP server and give an error message if that fails. Add as many LDAP groups as you wish (again, one per line), but keep in mind that your LDAP server may support having groups as members of groups for you. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com