GitLab Authentication with LDAP
Install self-managed GitLab
GitLab Server Details
Attribute | Value |
---|---|
IP Address | 192.168.1.10 |
FQDN | gitlab.local.com |
LDAP Server Details
Attribute | Value |
---|---|
IP Address | 192.168.1.9 |
FQDN | ad.local.com |
LDAP Base DN | dc=local,dc=com |
LDAP Bind DN | cn=bind_user,dc=local,dc=com |
Bind User Password | your_bind_user_password |
GitLab LDAP Configuration Steps
1. Open GitLab Configuration File: SSH into your GitLab server, then open the GitLab configuration file:

   ```
   ssh root@gitlab.local.com
   sudo nano /etc/gitlab/gitlab.rb
   ```

2. Configure LDAP Settings: Add the following LDAP configuration to `/etc/gitlab/gitlab.rb`. The YAML inside the heredoc must keep its indentation:

   ```ruby
   gitlab_rails['ldap_enabled'] = true
   gitlab_rails['ldap_servers'] = YAML.load <<-EOS
     main:
       label: 'LDAP'
       host: '192.168.1.9'
       port: 389
       uid: 'sAMAccountName'
       bind_dn: 'cn=bind_user,dc=local,dc=com' # Replace with your actual bind DN
       password: 'your_bind_user_password' # Replace with the bind user's actual password
       # Required by GitLab. 'plain' matches port 389 and the ldap:// test in step 5, and
       # sends the bind password and user logins unencrypted; 'start_tls' or 'simple_tls' encrypt them.
       encryption: 'plain'
       verify_certificates: true # Only takes effect with 'start_tls' or 'simple_tls'
       active_directory: true
       allow_username_or_email_login: true
       base: 'dc=local,dc=com' # Required: the LDAP Base DN from the table above
       user_filter: ''
       group_base: ''
       sync_ssh_keys: false
   EOS
   ```

3. Reconfigure GitLab: Run the following command to reconfigure GitLab:

   ```
   sudo gitlab-ctl reconfigure
   ```

4. Verify LDAP Configuration: Log into GitLab with an LDAP user account to ensure the configuration works.

5. Test Connection (Optional): Test the LDAP connection using `ldapsearch`:

   ```
   ldapsearch -x -H ldap://192.168.1.9 -D "cn=bind_user,dc=local,dc=com" -w "your_bind_user_password" -b "dc=local,dc=com"
   ```

   Passing the password with `-w` leaves it in shell history and the process list; `-W` makes `ldapsearch` prompt for it instead.
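As an added example (not from the original page or from GitLab), the Ruby check below parses an `ldap_servers` YAML block like the one in step 2 and reports settings that weaken the login path. The `hardened` entry, its group DN and the `audit_ldap_servers` helper are assumptions made for illustration.

```ruby
require 'yaml'

# Constructed sample: 'main' mirrors this page's settings; 'hardened' is a hypothetical
# LDAPS variant whose bind credentials are assumed to be stored outside gitlab.rb.
SAMPLE = <<~YAML
  main:
    label: 'LDAP'
    host: '192.168.1.9'
    port: 389
    uid: 'sAMAccountName'
    bind_dn: 'cn=bind_user,dc=local,dc=com'
    password: 'your_bind_user_password'
    encryption: 'plain'
    verify_certificates: true
    base: 'dc=local,dc=com'
    user_filter: ''
  hardened:
    label: 'LDAPS'
    host: 'ad.local.com'
    port: 636
    uid: 'sAMAccountName'
    encryption: 'simple_tls'
    verify_certificates: true
    base: 'dc=local,dc=com'
    user_filter: '(memberOf=cn=gitlab-users,dc=local,dc=com)'
YAML

REQUIRED = %w[label host port uid encryption base].freeze

# Returns { server_name => [finding, ...] } for an ldap_servers YAML document.
def audit_ldap_servers(yaml_text)
  YAML.safe_load(yaml_text).to_h do |name, cfg|
    findings = REQUIRED.reject { |k| cfg.key?(k) }.map { |k| "missing required key: #{k}" }
    tls = %w[start_tls simple_tls].include?(cfg['encryption'])
    findings << 'encryption is not TLS: bind password and logins cross the network in cleartext' unless tls
    findings << 'verify_certificates has no effect without TLS' if !tls && cfg['verify_certificates']
    findings << 'TLS is enabled but certificate verification is off' if tls && cfg['verify_certificates'] == false
    findings << 'bind password is stored in plaintext in the config' if cfg.key?('password')
    findings << 'empty user_filter: every account under base can sign in' if cfg['user_filter'].to_s.empty?
    [name, findings]
  end
end

audit_ldap_servers(SAMPLE).each do |name, findings|
  puts "#{name}: #{findings.size} finding(s)"
  findings.each { |f| puts "  - #{f}" }
end
```

Run against this page's `main` entry it reports four findings; the constructed `hardened` entry reports none.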
Conclusion
You have successfully configured GitLab to authenticate users against your LDAP server. Users should now be able to log in using their LDAP credentials.