Replace simple_ldap_linking_allowed_realms by simple_ldap_linking_allowed_realm to fix kerberos linking (!93647) · Merge requests · GitLab.org / GitLab

Christopher Schenk requested to merge cschenk/gitlab:simple_ldap_linking into master Aug 01, 2022

What does this MR do and why?

This MR introduces the setting simple_ldap_linking_allowed_realm which replaces the setting simple_ldap_linking_allowed_realms. simple_ldap_linking_allowed_realms never worked that good because Gitlab does not know which kerberos realm the user is using. By introducing the setting simple_ldap_linking_allowed_realm there only is one kerberos realm and for each LDAP user an Linking with the configured realm is created.

How to set up and validate locally

Setup gitlab with LDAP and kerberos.
Set simple_ldap_linking_allowed_realms to the kerberos realm.
See that kerberos linkings ldap users are created on login.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Aug 04, 2022 by Christopher Schenk

Replace simple_ldap_linking_allowed_realms by simple_ldap_linking_allowed_realm to fix kerberos linking

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports