Prevent gitlab user creation when authenticate against ldap/ad

uwebartels1 · August 17, 2023, 6:04am

Hi,

we setup gitlab users with certain permissions via terraform and gitlab api.
gitlab users authenticate in our installation against ldap. here they need to be in a certain group.

if we grant gitlab access via ldap without creating the gitlab user with the correct permissions, the user is able to log in to gitlab, gitlab creates the gitlab user without the correct permissions.
When I now try to create that gitlab user with terraform via gitlab api, gitlab complains the user already exists.

So my question is can I prevent gitlab from creating the gitlab user when they authenticate against ldap?

Thanks,
Uwe

balonik · August 18, 2023, 8:55am

Hi @uwebartels1

you can’t prevent user being created with LDAP auth. Actually, during daily LDAP sync GitLab creates the users itself if they are found in LDAP and not in GitLab.

If you need to control user’s permissions I suggest to use LDAP Group Sync instead of TF.