Enable dynamic disabling filters for LDAP
Problem to solve
Currently blocking / syncing a deactivated user is bound to having AD as LDAP provider and active_directory: true
configured
The actual filter is therefore hardcoded to match AD
Proposal
- Enable a new value in gitlab.yml to allow for custom filters
disable_users: attribute: 'VALUE' value: 'VALUE'
What does success look like, and how can we measure that?
-
Users will be checked using a custom querry -
Users can be disabled by adding to a custom group -
Active Directory check still working