How to unblock an LDAP block user

If a user attempts to authenticate while LDAP connectivity is inactive, the user will be marked as LDAP blocked. You are a DevOps and the AD server is not under your control, this could literally happen at any time, and now the entire engineering team is waiting for you to fix this issue that Gitlab probably thinks is not really a problem - after all its the AD servers fault, right?

This is a method that requires editing the accounts for all blocked users, mentioned here: #331 (closed) One by one. Hmmmm. It did work the last time this happened to me.

THis time however I was in a rush and I couldn't remember. How much time I wasted looking around for a button. I can't even talk to my boss about this cos he wants to jump over to Github. Gitlab is supposed to be the DevOps champion!? So now I'm managing up, ignoring chats, and the beer I put into the freezer pops.

I follow AI suggestion: drop the whole Redis cache - no effect.

Final stop - edit the db directly. AI still thinking in Gitlab 14 code so its a rocky road, but we get there in the end: now proven on GitLab 18.1.0.

STEPS

First check that LDAP connectivity is restored: gitlab-rake gitlab:ldap:check

Then open a rails console (takes up to 30sec) and run these commands to identify and unblock users: gitlab-rails console

$ blocked_users = User.where(state: 'ldap_blocked')
$ blocked_users.update_all(state: 'active')
$ User.where(state: 'ldap_blocked').count
$ quit