I’m trying to set up LDAP login in GitLab Community Edition 15.2.2 using the OpenLDAP LDAP server.
When I try to log in I get
Could not authenticate you from Ldapmain because “Invalid credentials for <me>”.
I know that this is some kind of problem with the configuration that I specified, since

```
gitlab-rake gitlab:ldap:check
```

returns an empty list of users:

```
Checking LDAP …

LDAP: … Server: ldapmain
LDAP authentication… Success
LDAP users with access to your GitLab server (only showing the first 100 results)

Checking LDAP … Finished
```

This is my configuration:

```ruby
gitlab_rails['ldap_enabled'] = true
gitlab_rails['prevent_ldap_sign_in'] = false
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main:
    label: 'LDAP'
    host: '10.0.2.15'
    port: 389
    method: 'plain'
    uid: 'uid'
    bind_dn: 'CN=admin,DC=<domain>,DC=<tld>'
    password: '<password>'
    encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
    base: 'ou=users,dc=<domain>,cd=<tld>'
    attributes:
      username: ['uid', 'userId', 'sAMAccountName']
      email: ['mail', 'email']
      name: 'cn'
      first_name: 'givenName'
      last_name: 'sn'
    user_filter: ''
EOS
```

And this is the ldapsearch command that I’m using, which correctly returns all the users:

```
ldapsearch -w <password> -h 10.0.2.15 -D 'cn=admin,dc=<domain>,dc=<tld>' -b 'ou=users,dc=<domain>,dc=<tld>'
```

Values between <> are exactly the same in both the command and the configuration file; I just replaced them because I’m not allowed to share them.
What exactly is wrong in the configuration file?
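
An added example, not part of the original post: one way to check mechanically that the `bind_dn` and `base` values in the configuration match the `-D` and `-b` arguments of the working `ldapsearch` command. The DN strings are copied from the post; the function names, the attribute-type allow-list and the case-insensitive comparison are assumptions made for this sketch.

```python
import re

# Assumed allow-list of attribute types commonly used in OpenLDAP DNs.
KNOWN_RDN_TYPES = {"cn", "ou", "dc", "uid", "o", "c", "l", "st"}

def parse_dn(dn):
    """Split a DN into lower-cased (type, value) pairs.

    Simplified: splits on unescaped commas, single-valued RDNs only,
    and treats values as case-insensitive.
    """
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        if "=" not in part:
            raise ValueError(f"malformed RDN: {part!r}")
        attr, value = part.split("=", 1)
        rdns.append((attr.strip().lower(), value.strip().lower()))
    return rdns

def compare_dns(config_dn, working_dn):
    """List the differences between a configured DN and a known-good DN."""
    cfg, ref = parse_dn(config_dn), parse_dn(working_dn)
    problems = [f"unknown attribute type '{a}' in '{a}={v}'"
                for a, v in cfg if a not in KNOWN_RDN_TYPES]
    if len(cfg) != len(ref):
        problems.append(f"RDN count differs: {len(cfg)} vs {len(ref)}")
    for i, (c, r) in enumerate(zip(cfg, ref)):
        if c != r:
            problems.append(
                f"RDN {i}: config has '{c[0]}={c[1]}', ldapsearch has '{r[0]}={r[1]}'")
    return problems

# DN strings as they appear in the post (placeholders left untouched).
CONFIG = {"bind_dn": "CN=admin,DC=<domain>,DC=<tld>",
          "base": "ou=users,dc=<domain>,cd=<tld>"}
LDAPSEARCH = {"bind_dn": "cn=admin,dc=<domain>,dc=<tld>",
              "base": "ou=users,dc=<domain>,dc=<tld>"}

def check_all():
    """Compare every configured DN with its ldapsearch counterpart."""
    return {key: compare_dns(CONFIG[key], LDAPSEARCH[key]) for key in CONFIG}

if __name__ == "__main__":
    for key, problems in check_all().items():
        print(f"{key}: {'OK' if not problems else problems}")
```
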