After a long battle, I'm able to get gitlab to connect to my LDAP server.
But now, I'm getting invalid credentials everytime I try and auth a new
user.
I can run RAILS_ENV=production gitlab-rake -v --trace gitlab:ldap:check
and I get users listed just fine.
The problem I have now is that when I try and login with my LDAP
credentials, I get Invalid Credentials.
I have verified that the credentials are correct (email addy, password)
I'm curious as to what gitlab is sending to the LDAP server to try the auth.
I know the LDAP username has to be formatted in
uid=<email address>,ou=People,o=foo.com
when I tail the logs with "gitlab-ctl tail" I see
==> /var/log/gitlab/unicorn/unicorn_stdout.log <==
I, [2015-03-05T14:50:55.187926 #22730] INFO -- omniauth: (ldapmain)
Callback phase initiated.
E, [2015-03-05T14:51:05.510018 #22730] ERROR -- omniauth: (ldapmain)
Authentication failure! invalid_credentials encountered.
==> /var/log/gitlab/gitlab-rails/production.log <==
Processing by OmniauthCallbacksController#failure as HTML
Parameters: {"utf8"=>"✓",
"authenticity_token"=>"qhXx+IXl7WYUFxmxmGvlqD+SDUnF/mEzEFfaOZnJ76Q=",
"username"=>"walter.bor...@foo.com", "password"=>"[FILTERED]"}
If that is the username that's sent to LDAP for bind/auth, it will never
work. it has to be in the format of
"uid=walter.bor...@foo.com,ou=People,o=foo.com"
Walt
On Thursday, March 5, 2015 at 10:26:41 AM UTC-8, Walter Boring wrote:
>
> I'm trying to debug my LDAP config issues with the latest gitlab.
>
> I know nothing about ruby and all it's confusion of how it works, so I'm
> probably doing something crazy stupid wrt to rubyness.
>
> Anyways, I installed the latest from https://about.gitlab.com/downloads/
> on ubuntu 14.04.
>
> I then followed the instructions here:
> https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/integration/ldap.md
> to setup LDAP.
>
> But LDAP auth is failing, and I am trying to figure out how to debug it.
> I tried follwing the testing of LDAP config here:
> https://gitlab.com/gitlab-org/gitlab-ce/issues/615
>
> Running "sudo -u git -H bundle exec rake gitlab:ldap:check
> RAILS_ENV=production" yields some confusing ruby output that is less than
> helpful, to say the least.
>
>
> root@test-gitlab-vm:~# sudo -u git -H bundle exec rake gitlab:ldap:check
> RAILS_ENV=production
> Could not locate Gemfile
>
>
> The gitlab web interface is up and running and I can try and auth with my
> LDAP creds, but I get an error.
>
> Any idea how to make that convoluted and confusing bundle exec rake thing
> work?
>
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to gitlabhq+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/5ce74634-48af-44f6-b0d3-6ce6d6dae022%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
