[Date Prev][Date Next] [Chronological] [Thread] [Top]

ACL to authenticate gitlab users

To: openldap-technical@openldap.org
Subject: ACL to authenticate gitlab users
From: Xaar <xaar@linux.pl>
Date: Sun, 7 May 2017 16:49:24 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux.pl; s=mail; t=1494168552; bh=C2tMZihQ1hmux4qj4z9HisfJVBNXs0qKLUZ3Ewor8ys=; h=From:Subject:Date:To:From; b=oMC/lx1AH8z6oZB4XWnvwSug4UaIqLqjCnbSfqPkNj9jl6dPWQbnCVwwSHv6Aomjk BD80nrZvB+sW1MuPxeIgPE8Sn2RsE/4NBj7EmAZCtGxxuziKikY8Tj57e3piZhoTu7 TkH8eHYif8RuDtAPVBrLYJr81ECdO6OBTbztNtME=
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux.pl; s=mail; t=1494168550; bh=C2tMZihQ1hmux4qj4z9HisfJVBNXs0qKLUZ3Ewor8ys=; h=From:Subject:Date:To:From; b=XL/aEewPKWVcMNwT0a4mxxaWT+gIZVohi9vb9ZHkYT65PZlfCRLaXbvpr+IbleGQs +Ri4oryGNyWjYnep6BMrc5M7XT75SJjh4bDND7151xFx4Ee0hSm7tWKuf/IuVYsre5 g0F1GOTjSlEvckdEhP1Zp0tMRtoryayeeeIWQpo8=

Hello, 

I want to authenticate users via OpenLDAP to Gitlab. In Gitlab configuration there is a gitlab.rb file, where I can write some special user (let it be gitlabuser) with credentials who will be bind to ldap server. Now my question is, what acl should I provide to this user on OpenLDAP server to allow other users authenticate to Gitlab ?

Now my DIT looks like this:

dc=company,dc=com
|
|
- cn=admin
- cn=gitlabuser
|
|
- ou=Groups
- ou=Users -> here are users which I want to give access to Gitlab

Is this entry is fair enough ?

dn: olcDatabase={1}hdb,cn=config
changetype: modify
replace: olcAccess
olcAccess: {0} to attrs=userPassword by anonymous auth by dn=„cn=admin,dc=company,dc=com” write by * none
olcAccess: {1} to dn.base=„” by * read
olcAccess: {2} to * by * read

Best Regards !

Prev by Date: Re: [SOLVED] Re: chain overlay does an anonymous bind and ignores the chain binddn (v2.4.44)
Next by Date: Re: [SOLVED] Re: chain overlay does an anonymous bind and ignores the chain binddn (v2.4.44)
Index(es):
- Chronological
- Thread