I'm using the following configuration but when adding a group to a team no
users are listed, or permissions applied. Groups are being added as CN=Group
and fall under OU=Gitorious,OU=Security Groups,OU=Network
Users,DC=DOMAIN,DC=LOCAL. I'm able to log in fine as an LDAP user, however.
(Gitorious 3.2 on Ubuntu 14.04)

enable_openid: false
# additional methods, an array of hashes
methods:
  # An adapter is a class that implements an authentication mechanism. You
  # can roll your own, or use one of Gitorious' prepackaged ones.
  # Available implementations are:
  # Gitorious::Authentication::LDAPAuthentication
  # Gitorious::Authentication::CrowdAuthentication
  ############################################################################
  # Example of configuring LDAP authentication
  - adapter: Gitorious::Authentication::LDAPAuthentication
    # IP/hostname to LDAP server
    host: 10.1.1.1
    # Override the default port (389)
    port: 389
    # The base DN to search
    base_dn: DC=DOMAIN,DC=LOCAL
    # The base DN when searching for groups (for authorization)
    # If unspecified, base_dn is used
    group_search_dn: OU=Gitorious,OU=Security Groups,OU=Network Users,DC=DOMAIN,DC=LOCAL
    # What LDAP attribute to use for user authentication. Default is CN
    login_attribute: sAMAccountName
    # How to build a user's DN. Default: $LOGIN_ATTRIBUTE={},$BASE_DN,
    # e.g. CN=chris,DC=gitorious,DC=org
    distinguished_name_template: "{}@domain.local"
    # Map LDAP fields to database fields.
    # Default: displayname => fullname, mail => email
    # attribute_mapping:
    #   displayName: fullname
    #   mail: email
    # See Net-LDAP for other options, or use "none" for no encryption.
    # Defaults to "simple_tls" if not set.
    encryption: none
    # A class/object that will be called after successful authentication
    # through LDAP. Will be "constantized", post_authenticate will be called
    # with an options hash. See LDAPAuthenticationTest.
    #callback_class: SampleCallback
    # Specify a username/password to use for authenticated bind
    # NOTE: This is required when using LDAP for authorization
    bind_user:
      username: [email protected]
      password: Password
    # When using LDAP authorization: which attribute in a user
    # record specifies groups a user is member of
    # This will depend on your schema/LDAP server implementation
    # but in 9/10 cases, it will be memberof
    membership_attribute_name: memberOf
    # When using LDAP authorization: which attribute in a group
    # record specifies users that are member of the group
    # This will depend on your LDAP schema, but will usually be
    # member or uniquemember
    members_attribute_name: member