Allow LDAP failover (!77000) · Merge requests · GitLab.org / GitLab

Mathieu Parent requested to merge sathieu/gitlab:ldap_failover into master Dec 17, 2021

What does this MR do and why?

Support LDAP failover, by specifying several hosts. Example Omnibus configuration:

gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main:
    label: "AD"
    # host: "ldap1.example.org"
    # port: 636
    hosts:
    - ["ldap1.example.org", 636]
    - ["ldap2.example.org", 636]
    uid: 'sAMAccountName' # userPrincipalName
    bind_dn: "CN=foo,DC=example,DC=org"
    password: "P@$$"
    encryption: 'simple_tls' # "start_tls" or "simple_tls" or "plain"
    verify_certificates: true
    smartcard_auth: false
    active_directory: true
    allow_username_or_email_login: false
    lowercase_usernames: true
    block_auto_created_users: false
    base: "DC=example,DC=org"
    user_filter: ''
    ## EE only
    group_base: ''
    admin_group: ''
    sync_ssh_keys: false

Edited Jan 07, 2022 by Hannah Sutor

Allow LDAP failover

What does this MR do and why?

Merge request reports