Gitlab Active Directory LDAP Authentication
Published: 28-05-2013 | Author: Remy van Elst | Text only version of this article
Table of Contents
Gitlab is a self hosted git based source control application similar to Github,written in Ruby on Rails. It is used by many organisations and is a wonderfullpiece of software. It supports LDAP Authentication (via the OmniAuth Gem), butit is tricky to set up with Active Directory and Windows Server 2003/2008/2012.This tutorials shows you how to set up Gitlab to authenticate against ActiveDirectory LDAP.
You have to have a working Gitlab installation for this. It is tested withGitlab 3 and up to 5.2, with an Active Directory 2008 env, and a Mixed 2008 &2003 AD. Gitlab is installed on a Ubuntu box.
First create a user in the Active Directory. My CN is Users, and my user isnamed
gitlab. It does not have any special permissions, it is just a normaluser. Note the Full Name you use, in my example it is "Gitlab LDAP". See theimage below for an example:
Now go to your Gitlab server, log in and become the git user:
sudo su - git
And edit the
~/gitlab/config/gitlab.yml file. (Assuming you followed theofficial installation guide, otherwise adapt path.). The relevant LDAP sectionshould contain this:
ldap: enabled: true host: 'pdc1.domain.tld' base: 'CN=Users,DC=Domain,DC=tld' port: 389 uid: 'sAMAccountName' method: 'plain' # or "ssl" bind_dn: 'CN=Gitlab LDAP,CN=Users,DC=Domain,DC=tld' password: 'example_password'
It took me a while to find the correct
base_dn. It appears thatthey are capital sensitive,
cn=Users would not work, but
CN=Users does.Also, the
bind_dn does not use the users email address, but the
CNfirstname.lastname@example.org does not work, but
CN=Gitlab LDAP does.
Hope this helps you setting up Gitlab with LDAP auth. More info on Gitlab can befound on their website: http://gitlab.org/.Tags: active-directory, git, github, gitlab, gitlabshell, ldap, microsoft, scm, source-control, tutorials, windows-server