Skip to content

Ldapmain problem : Invalid credentials (but ldapsearch succeeds, as does gitlab-rake gitlab:check) since upgrade to 9.5.1

Hi

this week, we upgraded gitlab (package) 9.4.5 to 9.5.1

all fine but we cant connect with ldap user since this upgrade.

no error on ldapsearch and gitlab check, the ldap server is a openDS. We have not modified any configuration files on gitlab or the ldap server.

the application log indicated this, when we try to connect

August 28, 2017 10:17: LDAP account "cn=XXXX,ou=users,dc=XXXX.fr,o=NETIK" does not exist anymore, blocking Gitlab user "XXXX XXX" (XXX.XXXX@XXX.fr)

no error in ldap server log, and others applications who use the ldap server, does not encounter any issues

Relevant Settings : LDAP [green]

Config :

  • gitlab.rb

gitlab_rails['ldap_enabled'] = true

gitlab_rails['ldap_servers'] = YAML.load_file('/etc/gitlab/ldap_settings.yml')

-ldap_settings.yml

main:

label: 'LDAP'

host: 'X.X.X.X'

port: 389

uid: 'uid'

method: 'plain'

bind_dn: 'cn=XXX,ou=users,dc=XXX.fr,o=XXXX'

password: 'XXXXXX'

base: 'o=XXXX'

allow_username_or_email_login: true

user_filter: ''

version :

GitLab 9.5.1

GitLab Shell 5.8.0

GitLab Workhorse v3.0.0

GitLab API v4

Git 2.13.5

Ruby 2.3.3p222

Rails 4.2.8

postgresql 9.6.3

thanks for your help.