Not sure about 2003 anymore, but I was able to get this to work with our
configuration.
ldap:
enabled: true
host: 'gallodc01.hcl.internal'
base: 'OU=_Users,OU=-Health_Care_Logistics,DC=hcl,DC=internal'
port: 636
uid: 'sAMAccountName'
method: 'ssl' # "tls" or "ssl" or "plain"
bind_dn: 'CN=ldap,OU=_Users,OU=-Shared,DC=hcl,DC=internal'
password: '<********>'
# If allow_username_or_email_login is enabled, GitLab will ignore
everything
# after the first '@' in the LDAP username submitted by the user on
login.
#
# Example:
# - the user enters 'jane....@example.com' and 'p@ssw0rd' as LDAP
credentials;
# - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
#
# If you are using "uid: 'userPrincipalName'" on ActiveDirectory you
need to
# disable this setting, because the userPrincipalName contains an '@'.
allow_username_or_email_login: true
Then our users can just login with their username and password as long as
their user exists within the base DN.
On Saturday, May 10, 2014 6:34:58 AM UTC-4, Vikas Kumar wrote:
>
> Dear All,
>
> I am have *GitLab v6.8.1* installed on *Ubuntu 14.04 64-Bit *(192.168.1.10)
> server.
> I am looking to enable authentication from *Win 2003 Active Directory
> Server *(192.168.1.200)
>
> As asked here
> <https://raymii.org/s/tutorials/Gitlab_and_Active_Directory_LDAP_Authentication.html>,
>
> I have created a user *Gitlab *and set its password *Password@123 *(the
> options are slightly different on my AD console). Please see below
> screenshot.
>
>
> <https://lh3.googleusercontent.com/-VIVEW3liW7Q/U23-GqSjyvI/AAAAAAAAAZM/1e4FX-l3KGA/s1600/Gitlab-1.png>
>
>
> I am also attaching BeaverTrail
> <http://adsi.mvps.org/adsi/csharp/beavertail.html> view just in case it
> helps to dig my issue.
>
>
> <https://lh5.googleusercontent.com/-qOkS3ibya_I/U23-aGO_1ZI/AAAAAAAAAZU/u4ppEjFDdNA/s1600/Gitlab-2.png>
>
>
>
> Here is my */home/git/gitlab/config/gitlab.yml*
>
> ldap:
> enabled: true
> host: '192.168.1.200'
> base: 'CN=Users,DC=test,DC=com'
> port: 389
> uid: 'sAMAccountName'
> method: 'plain' # "tls" or "ssl" or "plain"
> bind_dn: 'CN=Gitlab LDAP,CN=Users,DC=test,DC=com'
> password: 'Password@123'
>
> I am not sure which password is to be provided above. Is it *Gitlab
> user's password* or *Win 2003 AD Administrator's password* ? Anyways, I
> have tried both of them in vain.
>
> Service restarted well without any errors.
> root@box1:~# service gitlab restart
> Shutting down both Unicorn and Sidekiq.
> GitLab is not running.
> Starting both the GitLab Unicorn and Sidekiq
> The GitLab Unicorn web server with pid 2938 is running.
> The GitLab Sidekiq job dispatcher with pid 2970 is running.
> GitLab and all its components are up and running.
> root@box1:~#
>
> To test things out, I have 3 AD users - User1, user2 and user3 which are
> working fine otherwise.
>
> I logged on to http://192.168.1.10 and used my domain credentials as
> below, but none of these worked.
> TEST\User1
> test.com\User1
> TEST\user1
> test.com\user1
> us...@test.com <javascript:>
>
> I always get this error - "Could not authorize you from LDAP because
> "Invalid credentials".
>
> Regards,
> Vikas
>
>
>
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to gitlabhq+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/bbd09bcb-bdcc-4250-8efa-b8088f290e0c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
