Much like another user in April of 2023, I’m integrating LDAP. I have configured gitlab.rb to support LDAP… I have used ldap search to verify connections, but no matter what I do I always get:
Could not authenticate you from Ldapmain because “Invalid credentials for user@email-domain.com”
Has anyone actually run into this before?
Please show the gitlab.rb configuration (redact sensitive data), and how you test the connection on the CLI (exact parameters).
Here is the relevant section of the gitlab.rb:
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-EOS # remember to close this block with 'EOS' below
  main: # 'main' is the GitLab 'provider ID' of this LDAP server
    label: 'Google Secure LDAP'
    host: 'ldap.google.com'
    port: 636
    uid: 'uid'
    bind_dn: 'SomeUserGoogleCreated'
    password: 'password'
    encryption: 'simple_tls'
    verify_certificates: true
    retry_empty_result_with_codes: [80]
    base: "DC=example,DC=com"
    tls_options:
      ssl_version: 'TLSv1_2'
      cert: |
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
      key: |
        -----BEGIN PRIVATE KEY-----
        -----END PRIVATE KEY-----
EOS
When I run the rake LDAP test, the connection is good, but it shows no users, even though I’ve got users set up in a group on the Google side.