diff options
author | John T Skarbek <jskarbek@gitlab.com> | 2019-07-18 22:53:56 +0300 |
---|---|---|
committer | John T Skarbek <jskarbek@gitlab.com> | 2019-07-18 22:53:56 +0300 |
commit | ad83b673245a1dd0f65cea76ff6b6113f107d30e (patch) | |
tree | 4ab1e5be43521887067f9f8a6e23ec45dbfdcbe0 /doc/administration/auth/ldap.md | |
parent | 0d9afa5d6c7aa7a927cbb20aef2a4fce586748d4 (diff) | |
parent | 17b9a91cc0622ad5cac6b1a11546b9ef9e8ac427 (diff) |
Merge remote-tracking branch 'origin/12-1-auto-deploy-20190718' into 12-1-stable
Diffstat (limited to 'doc/administration/auth/ldap.md')
-rw-r--r-- | doc/administration/auth/ldap.md | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/doc/administration/auth/ldap.md b/doc/administration/auth/ldap.md index 86e6be5f4fa..be05a4d63a7 100644 --- a/doc/administration/auth/ldap.md +++ b/doc/administration/auth/ldap.md @@ -1,3 +1,7 @@ +--- +type: reference +--- + <!-- If the change is EE-specific, put it in `ldap-ee.md`, NOT here. --> # LDAP @@ -494,6 +498,13 @@ be mandatory and clients cannot be authenticated with the TLS protocol. ## Troubleshooting +If a user account is blocked or unblocked due to the LDAP configuration, a +message will be logged to `application.log`. + +If there is an unexpected error during an LDAP lookup (configuration error, +timeout), the login is rejected and a message will be logged to +`production.log`. + ### Debug LDAP user filter with ldapsearch This example uses ldapsearch and assumes you are using ActiveDirectory. The @@ -527,18 +538,9 @@ ldapsearch -H ldaps://$host:$port -D "$bind_dn" -y bind_dn_password.txt -b "$ba sudo -u git -H bundle exec rake gitlab:ldap:check RAILS_ENV=production ``` -### Connection Refused +### Connection refused If you are getting 'Connection Refused' errors when trying to connect to the LDAP server please double-check the LDAP `port` and `encryption` settings used by GitLab. Common combinations are `encryption: 'plain'` and `port: 389`, OR `encryption: 'simple_tls'` and `port: 636`. - -### Troubleshooting - -If a user account is blocked or unblocked due to the LDAP configuration, a -message will be logged to `application.log`. - -If there is an unexpected error during an LDAP lookup (configuration error, -timeout), the login is rejected and a message will be logged to -`production.log`. |