1

I have GitLab (EE) set up with Terraform to run in a k8s cluster on Azure. This all works fine and dandy, but what I would love to do is use LDAPS to sync user and group permissions with Azure AD, so I can use it as shown here: https://www.youtube.com/watch?v=HPMjM-14qa8.

However, as many will mention, Azure AD itself does not support LDAP. AADDS (Azure Active Directory Domain Service) does support it, among a lot of other things, but also comes at a cost. I'd like to get as close to the solution as shown in the video, with the least amount of layering. I could set up a separate openLDAP with slapd, but would really prefer to just manage users and groups in one place (like Azure AD). Has anyone found a nice solution for this kind of setup?

SeeDoubleYou
  • I've given up and gone the openLDAP route. For those interested, I can highly recommend https://github.com/osixia/docker-openldap-backup. Combined with their docker image for phpldapadmin, it's relatively easy to set it up. – SeeDoubleYou Apr 09 '19 at 19:38

1 Answer

1

GitLab OmniAuth offers OAuth2 to allow sign-in via Azure AD. Consult the docs for details: https://docs.gitlab.com/ee/integration/azure.html

SAML2 should be supported by both as well, but might be a little trickier to set up.

fuero
  • Thanks, I've seen that, but this just allows you to check credentials, after which a new account is created. If I understand correctly, you cannot actually sync users and groups (and set permissions based on that). – SeeDoubleYou Apr 09 '19 at 19:36