mut1na

Reputation: 795

Gerrit doesn't pull in Administrators from Active Directory when using LDAP authentication?

When using Active Directory LDAP authentication for Gerrit, Gerrit doesn't seem to be pulling in the users from the AD Administrators group ( =BIG problem :) ). Other users who are in the base directory for the dc and the Users container are being pulled in correctly once the group is created in Gerrit, but not users in the Administrators group, which is in the Builtin container in AD.

Here is my gerrit.config file:

...
    [auth]
        type = LDAP
    [ldap]
        server = ldap://ldapserver
        referral = follow
        username = user
        password = pass
        accountBase = dc=domain,dc=com
        groupBase = dc=domain,dc=com
        accountPattern = (&(objectClass=user)(sAMAccountName=${username}))
        groupPattern = (&(objectClass=group)(cn=${groupname}))
        accountFullName = displayName
        accountMemberField = memberOf
        accountEmailAddress = mail
...

Anybody know a way to fix this? (even logging directly into the embedded DB somehow to stick in an admin, though I'm not sure about the login credentials used for that...)

Thanks!

Upvotes: 0

Views: 1634

Answers (1)

Quantum Elf

Reputation: 752

If you are not connecting via Gerrit as an admin, a basic user by default has only permissions to read one property set on members of protected groups (e.g. Admins). They must have access to the "General Information" property set here since you want to bring back the displayName attribute.

Upvotes: 2
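
One way to check the point made in the answer, as an added example (not code from the original posts or from the Gerrit project): compare the attributes the `[ldap]` section asks for against what a search run as the Gerrit bind account returns for a given user. The LDIF entries are constructed samples, and the function names are hypothetical.

```python
import re
# Constructed copy of the attribute settings from the question's gerrit.config.
GERRIT_CONFIG = """\
[ldap]
    accountPattern = (&(objectClass=user)(sAMAccountName=${username}))
    accountFullName = displayName
    accountMemberField = memberOf
    accountEmailAddress = mail
"""
# Constructed LDIF, standing in for a search run as the Gerrit bind account.
# Which attributes are really hidden depends on the ACLs in your directory.
LDIF_NORMAL = """\
dn: CN=Jane Dev,CN=Users,DC=domain,DC=com
objectClass: user
sAMAccountName: jdev
displayName: Jane Dev
mail: jdev@domain.com
memberOf: CN=Developers,CN=Users,DC=domain,DC=com
"""
LDIF_PROTECTED = """\
dn: CN=Site Admin,CN=Users,DC=domain,DC=com
objectClass: user
sAMAccountName: sadmin
"""
VALUE_KEYS = {"accountfullname", "accountemailaddress", "accountmemberfield"}

def required_attributes(config_text):
    """Attribute names Gerrit must be able to read, per the [ldap] section."""
    attrs, in_ldap = set(), False
    for line in map(str.strip, config_text.splitlines()):
        if line.startswith("["):
            in_ldap = line.lower() == "[ldap]"
        elif in_ldap and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() in VALUE_KEYS:
                attrs.add(value)
            elif key.lower() == "accountpattern":
                # names on the left-hand side of each (attr=value) filter term
                attrs.update(re.findall(r"\(([A-Za-z][\w-]*)=", value))
    return attrs

def missing_for_gerrit(config_text, ldif_text):
    """Required attributes absent from one LDIF entry as seen by the bind account."""
    seen = {l.split(":", 1)[0].lower() for l in ldif_text.splitlines()
            if ":" in l and not l.startswith((" ", "#"))}
    return sorted(a for a in required_attributes(config_text) if a.lower() not in seen)

for name, ldif in (("normal", LDIF_NORMAL), ("protected", LDIF_PROTECTED)):
    print(name, missing_for_gerrit(GERRIT_CONFIG, ldif))
```

An empty list for an ordinary user and a non-empty one for an administrator points at read permissions on the bind account rather than at the search base or filter.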
