Reputation: 11
GitLab - department-based permissions (groups etc.)
I'm new as a Junior IT Administrator and I'm wondering where to start. I've been assigned a task by the IT manager, which I need to complete.
The task involves creating a directory structure/project groups on gitlab.noname.com, where access to individual directories will be granted based on user assignment to the appropriate department, for example, NameGroup1, NameGroup2, etc.
I also want to check if this can be done at the group level in AD. It seems to me that it's possible. I searched Google and found the following information:
- https://medal.ctb.upm.es/internal/gitlab/help/administration/auth/ldap-ee.md
- https://docs.gitlab.com/ee/administration/auth/ldap/ldap_synchronization.html?tab=Docker
So far, I've created two new groups in our local AD, namely:
!NameGroup1 !NameGroup2
I've also created 2 groups on the gitlab.noname.com portal (NameGroup1, NameGroup2) and will continue from there.
My question is, should I enter the following in gitlab-rails.rb:
main:
label: 'LDAP'
.....
admin_group: '!GitlabAdmins'
groups:
- 'CN=!NameGroup1,CN=Users,DC=noname,DC=en'
- 'CN=!NameGroup2,CN=Users,DC=noname,DC=en'
or
main:
label: 'LDAP'
.....
admin_group: '!GitlabAdmins'
groups:
- !NameGroup1
- !NameGroup2
I'm not sure, please help.
Upvotes: 1
Views: 39
Answers (0)
Related Questions
- GitLab remote: HTTP Basic: Access denied and fatal Authentication
- How to check the version of GitLab?
- Server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
- How to remove a Gitlab project?
- Moving an existing GitLab project into a new subgroup
- how to pull from a private registry in gitlab CI, with docker DIND
- Gitlab Integration with LDAP user_filter
- GitLab LDAP login with single sign-on and auto blocking
- Gitlab pre-commit hook