You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+13-13Lines changed: 13 additions & 13 deletions
Original file line number
Diff line number
Diff line change
@@ -69,7 +69,7 @@ Default: *false*
69
69
70
70
#### winCompatibilityMode *(bool|null)*
71
71
72
-
In some Active Directory instances when "user_dn" is empty (for example when the whole AD is searched for users), LDAP queries fail with the message "ldap_search(): Search: Operations error.". This is further described in https://stackoverflow.com/questions/17742751/ldap-operations-error. The fix described there is applied when **winCompatibilityMode** is set to *true*. Since this has only been tested on one instance, it is recommended to leave this option at *false* and only activate it if you experience the error described above.
72
+
In some Active Directory instances when "user_dn" is empty (for example when the whole AD is searched for users), LDAP queries fail with the message "ldap_search(): Search: Operations error.". This is further described in <https://stackoverflow.com/questions/17742751/ldap-operations-error>. The fix described there is applied when **winCompatibilityMode** is set to *true*. Since this has only been tested on one instance, it is recommended to leave this option at *false* and only activate it if you experience the error described above.
73
73
74
74
Default: *false*
75
75
@@ -235,7 +235,7 @@ This varies not only according to which directory software you're using, but als
235
235
236
236
This must be defined as an array even if you have only 1 user. Be sure to quote user names that have spaces. For example:
237
237
238
-
```
238
+
```yaml
239
239
userNamesToIgnore:
240
240
- "nobody"
241
241
- "Administrator"
@@ -258,7 +258,7 @@ This varies not only according to which directory software you're using, but als
258
258
259
259
This must be defined as an array even if you have only 1 group. Be sure to quote group names that have spaces. For example:
260
260
261
-
```
261
+
```yaml
262
262
groupNamesToIgnore:
263
263
- "Managed Service Accounts"
264
264
- "Marketing Staff"
@@ -311,7 +311,7 @@ This varies not only according to which directory software you're using, but als
311
311
312
312
This must be defined as an array even if you have only 1 group. Be sure to quote group names that have spaces. For example:
313
313
314
-
```
314
+
```yaml
315
315
groupNamesOfAdministrators:
316
316
- "Domain Admins"
317
317
- "Enterprise Admins"
@@ -330,7 +330,7 @@ This varies not only according to which directory software you're using, but als
330
330
331
331
This must be defined as an array even if you have only 1 group. Be sure to quote group names that have spaces. For example:
332
332
333
-
```
333
+
```yaml
334
334
groupNamesOfExternal:
335
335
- "Domain Guests"
336
336
- "Clients"
@@ -360,7 +360,7 @@ Specify the LDAP server name used by this Gitlab instance. You can find this in
360
360
361
361
**You may need to put "ldap" before this value!** This hasn't been tested across different installation types, but using the Omnibus package it appears if your "gitlab.rb" has the following...
Once you've configured this tool you can run it from a CLI using:
376
376
377
-
`php bin/console ldap:sync -d`
377
+
$ php bin/console ldap:sync -d
378
378
379
379
Depending on your system's PHP installation you may need to use `php-cli` instead of `php`. (This typically only occurs on WHM/cPanel based servers configured to host PHP via the fast process manager, PHP-FPM.)
380
380
381
381
**The `-d` option is important for your first run.** This enables "dry run" mode, meaning no changes will be persisted to your Gitlab instances. After running this tool you should evaluate the changes that will be made based on the output, then run it again without the `-d` option to persist the changes.
382
382
383
383
If you'd like to see more verbose output you can add up to 3 `-v` switches, for example:
384
384
385
-
`php bin/console ldap:sync -v`
386
-
`php bin/console ldap:sync -vv`
387
-
`php bin/console ldap:sync -vvv`
385
+
$ php bin/console ldap:sync -v
386
+
$ php bin/console ldap:sync -vv
387
+
$ php bin/console ldap:sync -vvv
388
388
389
389
If you'd like to only sync with a single Gitlab instance you can specify the name of it as per your configuration as an argument, for example:
390
390
391
-
`php bin/console ldap:sync athena`
392
-
`php bin/console ldap:sync demeter`
391
+
$ php bin/console ldap:sync athena
392
+
$ php bin/console ldap:sync demeter
393
393
394
394
## Built With
395
395
@@ -425,6 +425,6 @@ Licensed under the Apache License, Version 2.0 (the "License"); you may not use
425
425
426
426
You may obtain a copy of the License at
427
427
428
-
http://www.apache.org/licenses/LICENSE-2.0
428
+
<https://www.apache.org/licenses/LICENSE-2.0>
429
429
430
430
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the [License](LICENSE) for the specific language governing permissions and limitations under the License.
0 commit comments