使用LDAP登录时,Gitlab 6.7无法创建帐户

时间:2014-04-10 07:57:24

标签: ldap omniauth gitlab

我目前正在尝试将Gitlab 6.7设置为全新安装以及从6.6版升级。这样做时我遇到了以下错误: 使用尚未在Gitlab中的LDAP帐户登录时,登录失败并显示包含单词的消息

  

无法通过LDAP授权您,因为:"验证失败的用户名只有字母,数字和& ' _' ' - ' ''允许。信应该是第一个"。

因此,升级后的版本仍适用于现有帐户。

看了GitHub中的代码后,我怀疑根本原因是Gitlab用户名的生成发生了变化。 对我来说,它看起来像是电子邮件地址的第一部分(一切都是@),现在它似乎是uid,但在我的情况下,uid是一个包含@字符的电子邮件地址。

由于我在LDAP中没有任何其他唯一标识用户的值,因此我需要使用uid / mail。

任何人都有提示如何在这里继续? 感谢

LDAP:

objectClass    person
givenName      Jane
sn             Doe
cn             Jane Doe
uid            jane.doe@example.com
mail           jane.doe@example.com

Gitlab.yml 6.6:

ldap:
    enabled: true
    host: 'ldaphost.example.com'
    base: 'o=example.com'
    port: 636
    uid: 'uid'
    method: 'ssl' # "tls" or "ssl" or "plain"
    #bind_dn: ''
    #password: '_the_password_of_the_bind_user'
    # If allow_username_or_email_login is enabled, GitLab will ignore everything
    # after the first '@' in the LDAP username submitted by the user on login.
    #
    # Example:
    # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
    # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
    #
    # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
    # disable this setting, because the userPrincipalName contains an '@'.
    allow_username_or_email_login: false

Gitlab.yml 6.7:

ldap:
    enabled: true
    host: 'ldaphost.example.com'
    port: 636
    uid: 'uid'
    method: 'ssl' # "tls" or "ssl" or "plain"
    #bind_dn: '_the_full_dn_of_the_user_you_will_bind_with'
    #password: '_the_password_of_the_bind_user'
    # If allow_username_or_email_login is enabled, GitLab will ignore everything
    # after the first '@' in the LDAP username submitted by the user on login.
    #
    # Example:
    # - the user enters 'jane.doe@example.com' and 'p@ssw0rd' as LDAP credentials;
    # - GitLab queries the LDAP server with 'jane.doe' and 'p@ssw0rd'.
    #
    # If you are using "uid: 'userPrincipalName'" on ActiveDirectory you need to
    # disable this setting, because the userPrincipalName contains an '@'.
    allow_username_or_email_login: false

    # Base where we can search for users
    #
    #   Ex. ou=People,dc=gitlab,dc=example
    #
    base: 'o=example.com'

    # Filter LDAP users
    #
    #   Format: RFC 4515
    #   Ex. (employeeType=developer)
    #
    user_filter: ''

0 个答案:

没有答案
相关问题
最新问题