GITLAB Integration with Active Directory

Integration of Gitlab with Active Directory is very beneficial for Administration Purpose. The benefits of Gitlab integration with active directory are as follows.

1. No need to create additional users on GITLAB.
2. Users use their Active Directory id and password for login.
3. Security Enhancement has increase.
4. You can Easily authenticate Active Directory users for GITLAB.
5. User have no need to remember additional password for GITLAB.

For Gitlab integration with Active Directory edit the Gitlab configuration file "gitlab.rb" that available in directory "/etc/gitlab/gitlab.rb" by use of vi editor.

vi /etc/gitlab/gitlab.rb

Add the below mention lines in Gitlab configuration file "gitlab.rb" After the comment of LDAP Settings.

gitlab_rails['ldap_enabled'] = true

###! **remember to close this block with 'EOS' below**

gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'

 main: # 'main' is the GitLab 'provider ID' of this LDAP server

  label: 'Active Directory Login'

  host: 'drdc.domain.com'

  port: 389

  uid: 'sAMAccountName'

  method: 'plain' # "tls" or "ssl" or "plain"

  bind_dn: 'CN=Ldap Search,OU=All Accounts,DC=domain,DC=com'

  password: '12345678'

  active_directory: true

  allow_username_or_email_login: false

  block_auto_created_users: false

  base: 'OU=All Users,DC=domain,DC=com'

  timeout: 10

  user_filter: '(memberOf=CN=Gitlab Users,OU=All User Groups,DC=domain,DC=com)'

EOS

In above image 5 steps are mention, that is describe in detail below.

Step 1:

host: 'drdc.domain.com'

Add the Domain Controller FQDN "Full Qualified Domain Name" as per your environment. In our case Domain Controller FQDN "Full Qualified Domain Name" is 'drdc.domain.com'.

Step 2:

bind_dn: 'CN=Ldap Search,OU=All Accounts,DC=domain,DC=com'

In step 2 LDAP (Active Directory) search Any user id in OU "All Accounts" that have the password define in Step 3 for Gitlab integration with Active Directory.

Step 3:

password: '12345678'

Password of Any user id that available in OU "All Accounts" for Gitlab integration with Active Directory.

Step 4:

base: 'OU=All Users,DC=domain,DC=com'

The OU "All Users" where every user available for Login authentication in Gitlab.

Step 5:

user_filter: '(memberOf=CN=Gitlab Users,OU=All User Groups,DC=domain,DC=com)'

Create a Group "Gitlab Users" in OU "All User Groups" for Login authentication in Gitlab. The User id's available in Group "Gitlab Users" only allow to login in Gitlab.

After Edit the Gitlab configuration file "gitlab.rb", Reconfigure the Gitlab instance type the below command.

gitlab-ctl reconfigure

Gitlab instance has successfully reconfigured.

Login with Active Directory User.

Active Directory User has successfully login.

Now you can Create a project, create a group, explore public project and many more with Active Directory User.

Thanks for read this Article

Install Gitlab Community/Enterprise Edition on Centos 7

Backup and Restore Gitlab Omnibus on CentOS 7