Hello, I've installed Gitorious on a CentOS 6.3 system using the install script last week I've been trying to get Active Directory authentication to work for the last few days with no luck. I keep getting "Not there yet." with the LDAP test script. We are running Windows 2008 R2 domain controllers in our environment.
When trying to authenticate through the web interface, I have tried the following options below and keep getting the error message "Email and/or password did not match, please try again: 1) DOMAIN\username 2) username by iteself 3) [email protected] Can someone please tell me what I might be doing wrong here? My authentication.yml file is below: -------------------------------------------------------------------------------------------------------------------------------- # Configure authentication by saving this file as authentication.yml One section # for each RAILS_ENV, like database.yml # # If you just want straight database backed authentication you don't need this # file at all. # #development: production: # Disable database authentication altogether disable_default: true # Disable OpenID authentication by uncommenting the next line. It's on by default enable_openid: false # additional methods, an array of hashes methods: # An adapter is a class that implements an authentication mechanism. You # can roll your own, or use one of Gitorious' prepackaged ones. # Available implementations are: # Gitorious::Authentication::LDAPAuthentication # Gitorious::Authentication::Crowd ############################################################################ # Example of configuring LDAP authentication - adapter: Gitorious::Authentication::LDAPAuthentication # IP/hostname to LDAP server host: dc.domain.local # Override the default port (389) #port: 1999 # The base DN to search base_dn: DC=domain,DC=local # The base DN when searching for groups (for authorization) # If unspecified, base_dn is used # group_search_dn: OU=groups,dc=gitorious,dc=org # What LDAP attribute to use for user authentication. Default is CN #login_attribute: uid # How to build a user's DN. Default: $LOGIN_ATTRIBUTE={},$BASE_DN, # e.g. CN=chris,DC=gitorious,DC=org distinguished_name_template: "{}@domain.local" # Map LDAP fields to database fields. # Default: displayname => fullname, mail => email # attribute_mapping: # givenName: fullname # publicEmail: email # See Net-LDAP for other options, or use "none" for no encryption. # Defaults to "simple_tls" if not set. encryption: none # A class/object that will be called after successful authentication # through LDAP. Will be "constantized", post_authenticate will be called # with an options hash. See LdapAuthenticationTest. #callback_class: SampleCallback # Specify a username/password to use for authenticated bind # NOTE: This is required when using LDAP for authorization bind_user: username: [email protected] password: ldap_svc_password # When using LDAP authorization: which attribute in a user # record specifies groups a user is member of # This will depend on your schema/LDAP server implementation # but in 9/10 cases, it will be memberof #membership_attribute_name: memberof # When using LDAP authorization: which attribute in a group # record specifies users that are member of the group # This will depend on your LDAP schema, but will usually be # member or uniquemember #members_attribute_name: member # To increase performance, Gitorious supports caching the result # of group lookups. Enter how many minutes these results should # be cached, default is 0 (no caching) #cache_expiry: 60 # End LDAP configuration example ------------------------------------------------------------------------------------------------------------------------------- -- -- To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
