gitlab ldap groups

It´s not very easy to understand with the ce edition.


Here is my working config with gitlab ce 10

Before you edit your gitlab.rb please make a backup

 cp /etc/gitlab/gitlab.rb /etc/gitlab/gitlab.rb_org


Please remember your are editing a yaml file, yaml files are sensitiv for spaces etc

gitlab_rails[‘ldap_enabled’] = true

gitlab_rails[‘ldap_servers’] = YAML.load <<-EOS # remember to close this block with ‘EOS’ below
label: ‘ActiveDirectory’
host: ‘’
port: 389 #Change to 636 if using LDAPS
method: ‘plain’ # Change to “tls” if using LDAPS
uid: ‘sAMAccountName’ # Don’t change this
bind_dn: ‘CN=gitlab,OU=users,DC=example,DC=com’
password: ‘mypassowrd’
timeout: 10
active_directory: true
allow_username_or_email_login: false
block_auto_created_users: false
base: ‘DC=example,DC=com’
# Optional: the next line specifies that only members of the user group “gitlab-users” can authenticate to Gitlab:
user_filter: ‘(memberOf=CN=grpGitlab,OU=Application,OU=Servers,DC=example,DC=com)’



Attention i have tried a lots of user_filter examples there variants are working for me.

Check your LDAP Access and Group Members

gitlab-rake gitlab:ldap:check

Most found there