I have a working ldapsearch query:

    ldapsearch -x -h <ldapdomain> -D "uid=<username>,ou=people,dc=<domain>,dc=<tld>" -w "redacted"

that works against my LDAP server. However, when translating this into an LDAP configuration, I constantly get an "invalid credentials" answer to my login attempts, even though the username and password are identical to the ones used in the ldapsearch command.

My LDAP config looks like this:

    gitlab_rails['ldap_enabled'] = true
    gitlab_rails['ldap_servers'] = YAML.load <<-EOS
      main:
        label: 'Name'
        host: '<ldapdomain>'
        port: 389 # usually 636 for SSL
        uid: 'uid'
        bind_dn: 'ou=people,dc=<domain>,dc=<tld>'
        encryption: 'plain'
        verify_certificates: true
        ssl_version: ''
        timeout: 10
        active_directory: true
        allow_username_or_email_login: false
        block_auto_created_users: false
        base: ''
        user_filter: ''
        attributes:
          username: ['uid', 'userid', 'sAMAccountName']
          email: ['mail', 'email', 'userPrincipalName']
          name: 'cn'
          first_name: 'givenName'
          last_name: 'sn'
        lowercase_usernames: false
        group_base: ''
        admin_group: ''
        external_groups: []
        sync_ssh_keys: false
    EOS
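
An added example, not part of the original post or GitLab's own code: a Ruby check that compares the `ldap_servers` YAML against the DN that worked for `ldapsearch -D` and reports settings that differ from that bind or send it in cleartext. The helper names and finding labels are hypothetical, the sample YAML is constructed from the post's keys, and a `password` key beside `bind_dn` is assumed as in GitLab's LDAP settings.

```ruby
require 'yaml'

# Constructed sample: the security-relevant keys from the post, placeholders kept as-is.
SAMPLE_LDAP_YAML = <<~EOS
  main:
    host: '<ldapdomain>'
    port: 389
    uid: 'uid'
    bind_dn: 'ou=people,dc=<domain>,dc=<tld>'
    encryption: 'plain'
    active_directory: true
    base: ''
EOS

# The DN given to `ldapsearch -D` in the post.
WORKING_BIND_DN = 'uid=<username>,ou=people,dc=<domain>,dc=<tld>'

# Lowercase and drop spaces around commas so equivalent DNs compare equal.
def normalize_dn(dn)
  dn.to_s.downcase.gsub(/\s*,\s*/, ',').strip
end

# Hypothetical helper: returns symbols for settings that differ from the
# bind that worked on the command line or that weaken the connection.
def ldap_findings(server, working_bind_dn)
  findings = []
  bind_dn = normalize_dn(server['bind_dn'])
  findings << :bind_dn_mismatch unless bind_dn == normalize_dn(working_bind_dn)
  findings << :bind_password_missing if !bind_dn.empty? && server['password'].to_s.empty?
  findings << :base_empty if server['base'].to_s.strip.empty?
  findings << :cleartext_bind if server['encryption'].to_s == 'plain'
  # Heuristic (assumption): a 'uid' login attribute suggests a non-AD directory.
  if server['active_directory'] == true && server['uid'].to_s.casecmp?('uid')
    findings << :active_directory_with_uid
  end
  findings
end

# Runs the checks for every server entry in the YAML text.
def check_servers(yaml_text, working_bind_dn)
  YAML.safe_load(yaml_text).transform_values { |srv| ldap_findings(srv, working_bind_dn) }
end

if __FILE__ == $PROGRAM_NAME
  check_servers(SAMPLE_LDAP_YAML, WORKING_BIND_DN).each do |name, findings|
    puts "#{name}: #{findings.empty? ? 'ok' : findings.join(', ')}"
  end
end
```
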