On Tue, Dec 11, 2012 at 11:27:38PM -0800, DanSab wrote: > Hello. > I have a question about new ldap authorization capabilities. > I set up new instance of gitorious, tuned authentication.yml and now can > log into web-interface with my Active Directory credentials. > But still can't find out how i can include ldap groups into gitorious teams > as it mentioned here: > http://blog.gitorious.org/2012/10/25/ldap-authorization-lands-in-gitorious-mainline/ > "...you still define Teams in Gitorious – but those teams have LDAP groups > as members, not users..."
Daniil, Sorry we haven't gotten around to documenting this better yet. Once you have set this up correctly, you should see a slightly different-looking form when visiting the /teams/new URL on your server. Instead of the regular form, you should see a textarea where you can enter names of LDAP groups to make your team. In this field you should list the name of one LDAP group name per line; just add the attributes that are not part the `group_search_dn` you have defined for your server in config/authentication.yml. If your server has a group_search_dn of ou=groups,dc=example, and you have a group "cn=developers,ou=groups,dc=example", you should enter cn=developers on one of the lines in the member list. Gitorious will verify that this group exists on your LDAP server and give an error message if that fails. Add as many LDAP groups as you wish (again, one per line), but keep in mind that your LDAP server may support having groups as members of groups for you. Cheers, - Marius -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com
