Investigate LDAP for GitLab Groups
Problem to solve
We offer Group SAML (configure and use an identity provider at the group level for GitLab.com), but customers who use LDAP should also be able to integrate and use an LDAP server to log in to a GitLab.com group.
Proposal
- Groups should be able to configure LDAP authentication for a top-level group (not a subgroup)
- How do we deal with existing accounts?
- Should we handle in a similar way to our current approach with SAML and create a link between the user's credentials and their GitLab.com account?
- How does somebody login to GitLab vs. the group?
- How can we replicate group sync at the group level?
What does success look like, and how can we measure that?
- We have a clear implementation path forward for how we might configure an LDAP connection for a top-level GitLab.com group