I’ve got a specific error message when authenticating using a LDAP (in real Active Directory) authent:
Could not authenticate you from Ldapmain because “Unknown provider (ldapsecondary). available providers: [“ldapmain”]”.
I explain the specific context:
I am using Gitlab ee (10.8.4-ee) configured to used 2 LDAP/AD for authentication (because my company is a merge of 2 “old conpanies”). All works fine:
- users from AA company are using AA AD to authenticate
- users from BB company are using BB AD to authenticate
But, we are planning to get ride of AA AD and to migrate all AA users into BB AD (all AA users are copied into BB AD: same id, same email). Here is the problem…
If I suppress AA AD (main) and keep only BB AD (secondary) in Gitlab configration:
- when BB user authenticates all is fine
- when AA user authenticates, he has error : Could not authenticate you from Ldapsecondary because “Unknown provider (ldapmain). available providers: [“ldapsecondary”]”.
If I suppress BB AD (secondary) and change AA AD (main) into BB AD into Gitlab configuration:
- when AA user authenticates all is fine
- when BB user authenticates, he has error : Could not authenticate you from Ldapmain because “Unknown provider (ldapsecondary). available providers: [“ldapmain”]”.
If I keep both AD configuration changing AA AD into BB AD:
- It wokrs, AA users and BB users can authenticate, but they must choose rigth authentication GUI (main GUI for AA users and secondary GUI for BB users.
This configuration is stupid: both GUI are using the same AD configuration !
So, authenticated users seems to be linked to the AD (main or secondary) they used to authenticate, and they cannot change from one AD to another…
My question is: is their a way to use only one AD configuration and have all users (from ex-AA and BB companies) be able to authenticate ?