Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
fdaa49ca
Commit
fdaa49ca
authored
Jun 09, 2017
by
Michael Kozono
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update LDAP SSL config options
parent
0b4eb7f2
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
32 additions
and
4 deletions
+32
-4
doc/administration/auth/ldap.md
doc/administration/auth/ldap.md
+32
-4
No files found.
doc/administration/auth/ldap.md
View file @
fdaa49ca
...
@@ -69,14 +69,42 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
...
@@ -69,14 +69,42 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
# Example: 'ldap.mydomain.com'
# Example: 'ldap.mydomain.com'
host: '_your_ldap_server'
host: '_your_ldap_server'
# This port is an example, it is sometimes different but it is always an integer and not a string
# This port is an example, it is sometimes different but it is always an integer and not a string
port: 389
port: 389
# usually 636 for SSL
uid: 'sAMAccountName' # This should be the attribute, not the value that maps to uid.
uid: 'sAMAccountName' # This should be the attribute, not the value that maps to uid.
method: 'plain' # "tls" or "ssl" or "plain"
# Examples: 'america
\\
momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
# Examples: 'america
\\
momo' or 'CN=Gitlab Git,CN=Users,DC=mydomain,DC=com'
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
password: '_the_password_of_the_bind_user'
password: '_the_password_of_the_bind_user'
# Encryption method. The "method" key is deprecated in favor of
# "encryption".
#
# Examples: "start_tls" or "simple_tls" or "plain"
#
# Deprecated values: "tls" was replaced with "start_tls" and "ssl" was
# replaced with "simple_tls".
#
encryption: 'plain'
# Enables SSL certificate verification if encryption method is
# "start_tls" or "simple_tls". (Defaults to false for backward-
# compatibility)
verify_certificates: false
# Specifies the path to a file containing a PEM-format CA certificate,
# e.g. if you need to use an internal CA.
#
# Example: '/etc/ca.pem'
#
ca_cert: ''
# Specifies the SSL version for OpenSSL to use, if the OpenSSL default
# is not appropriate.
#
# Example: 'TLSv1_1'
#
ssl_version: ''
# Set a timeout, in seconds, for LDAP queries. This helps avoid blocking
# Set a timeout, in seconds, for LDAP queries. This helps avoid blocking
# a request if the LDAP server becomes unresponsive.
# a request if the LDAP server becomes unresponsive.
# A value of 0 means there is no timeout.
# A value of 0 means there is no timeout.
...
@@ -116,8 +144,8 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
...
@@ -116,8 +144,8 @@ main: # 'main' is the GitLab 'provider ID' of this LDAP server
#
#
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
# Note: GitLab does not support omniauth-ldap's custom filter syntax.
#
#
#
Below an example for get only specific users
#
Example for getting only specific users:
#
Example:
'(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
# '(&(objectclass=user)(|(samaccountname=momo)(samaccountname=toto)))'
#
#
user_filter: ''
user_filter: ''
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment