Gitlab 11.0.3漢化完成后,需要集成域控,現將域控的配置過程描述如下:
gitlab目錄:/etc/gitlab
gitlab配置文件:/etc/gitlab/gitlab.rb
編輯gitlab.rb文件:
在gitlab.rb文件中修改下面配置,其中:
1.host,是搭建的ldap的ip,根據實際情況修改;
2.uid,可以配置cn,也可以配置uid,都能識別(具體為什么沒深入研究);
3.bind_dn,ldap的管理員賬號,根據實際情況修改;
4.password,ldap的管理員,根據實際情況修改;
5.active_directory,似乎是針對連接是否是ad域控的標示,因為這部分是ldap的配置,故為false;
6.allow_username_or_email_login,用戶登錄是否用戶名和郵箱都可以,方便用戶故配置true;
7.base,用戶列表所在的目錄,因為新增的用戶都在ldap的People下,故這么配置,根據實際情況修改;
我的配置如下:
gitlab_rails['ldap_enabled'] = true
###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP'
host: '**.**.**.**'
port: 389
uid: 'sAMAccountName'
bind_dn: 'cn=***,cn=Users,dc=***,dc=****,dc=COM'
password: '*****'
encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
verify_certificates: true
active_directory: true
allow_username_or_email_login: true
lowercase_usernames: false
block_auto_created_users: false
base: 'OU=Users,OU=*****,DC=***,DC=*****,DC=COM'
user_filter: ''
## EE only
# group_base: ''
# admin_group: ''
# sync_ssh_keys: false
#
# secondary: # 'secondary' is the GitLab 'provider ID' of second LDAP server
# label: 'LDAP'
# host: '_your_ldap_server'
# port: 389
# uid: 'sAMAccountName'
# bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
# password: '_the_password_of_the_bind_user'
# encryption: 'plain' # "start_tls" or "simple_tls" or "plain"
# verify_certificates: true
# active_directory: true
# allow_username_or_email_login: false
# lowercase_usernames: false
# block_auto_created_users: false
# base: ''
# user_filter: ''
# ## EE only
# group_base: ''
# admin_group: ''
# sync_ssh_keys: false
EOS
配置完成后進行配置更新:
gitlab-ctl reconfigure
檢查是否配置成功:
gitlab-rake gitlab:ldap:check(列出前100個用戶)
重啟gitlab服務:
gitlab-ctl restart