How To Configure FreeIPA LDAP Authentication

In our previous guide you learned how to install and configure GitLab on CentOS 8. Today we are going to learn how to configure FreeIPA LDAP authentication for GitLab.

What is FreeIPA?

FreeIPA is an open source identity management system sponsored by Red Hat. GitLab is a fully featured platform for software development, providing features like integrated CI/CD, Auto DevOps, Kubernetes integration, GitLab Container Registry, etc. By leveraging FreeIPA's advanced user management features, it becomes easy to manage user access to your GitLab server. You don't have to create users manually on the GitLab server, which can be tedious for large companies.

Configuring GitLab FreeIPA Authentication

Pre-Requisites

  • GitLab Server (running)
  • FreeIPA Server (running)

Follow the steps below to configure GitLab FreeIPA authentication.

Step 1: Create LDAP Bind user on FreeIPA

First of all, you will need a user for binding to the FreeIPA Server. Go to the FreeIPA Server and create a user called gitlab.

Navigate to Identity>Users>Add to add a new user.

Provide the details as required and then click the “Add” button. To add another user or to edit the user's details, click the associated buttons.

Step 2: Configuring GitLab Server

If you don't have a DNS record for the FreeIPA Server hostname, add a line for it to the /etc/hosts file on the GitLab server.

echo "192.168.3.10 ipa.example.com" | sudo tee -a /etc/hosts

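Now edit /etc/gitlab/gitlab.rb to enable LDAP and to load the server settings from the YAML file that holds the IPA connection settings:

gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load_file('/etc/gitlab/freeipa_settings.yml')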

Finally, create the YAML file to hold the IPA connection settings.

sudo vim /etc/gitlab/freeipa_settings.yml

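Configure it as in the example below:

main:
  label: 'FreeIPA'
  host: 'ipa.example.com'
  port: 389
  uid: 'uid'
  # 'method' is the older name for the 'encryption' setting below
  method: 'tls'
  bind_dn: 'uid=gitlab,cn=users,cn=accounts,dc=example,dc=com'
  password: 'gitlabuserpassword'
  # 'plain' sends bind and login passwords unencrypted; GitLab also accepts
  # 'start_tls' (port 389) and 'simple_tls' (port 636)
  encryption: 'plain'
  base: 'cn=accounts,dc=example,dc=com'
  # false disables validation of the LDAP server certificate
  verify_certificates: false
  attributes:
    username: ['uid']
    email: ['mail']
    name: 'displayName'
    first_name: 'givenName'
    last_name: 'sn'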

Note: Replace the following with your own values:

  • ipa.example.com with your FreeIPA Server hostname.
  • All appearances of example & com with your FreeIPA Server domain components.
  • gitlabuserpassword with the password of the gitlab user created in Step 1.

Save the file, then reconfigure GitLab.

sudo gitlab-ctl reconfigure
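
A check for the saved settings file, added here as an example and not part of the original guide or of GitLab: it flags unencrypted transport, disabled certificate validation, the older method key and loose permissions on the file holding the bind password. The function names are hypothetical, and the sample input is constructed from the values used in this guide.

```ruby
require 'yaml'

# Constructed sample: transport-related keys as set in this guide's
# freeipa_settings.yml (the password is the guide's placeholder).
SAMPLE_FROM_GUIDE = <<~YAML
  main:
    host: 'ipa.example.com'
    port: 389
    method: 'tls'
    password: 'gitlabuserpassword'
    encryption: 'plain'
    verify_certificates: false
YAML

ENCRYPTED = %w[start_tls simple_tls].freeze

# Returns one finding string per weak setting in a parsed servers hash.
def audit_ldap_servers(servers)
  servers.flat_map do |name, cfg|
    issues = []
    enc = cfg['encryption'].to_s
    unless ENCRYPTED.include?(enc)
      issues << "encryption=#{enc.inspect}: passwords cross the network unencrypted"
    end
    if cfg['verify_certificates'] == false
      issues << 'verify_certificates=false: server certificate is not validated'
    end
    issues << "deprecated 'method' key is set; use 'encryption' only" if cfg.key?('method')
    if enc == 'simple_tls' && cfg['port'] == 389
      issues << 'simple_tls (LDAPS) normally listens on 636, not 389'
    end
    issues.map { |msg| "#{name}: #{msg}" }
  end
end

# True when group or other can read or write the file holding the bind password.
def loose_permissions?(path)
  (File.stat(path).mode & 0o077) != 0
end

# Audits the file given as the first argument, or the sample above if none.
path = ARGV[0]
servers = path ? YAML.load_file(path) : YAML.safe_load(SAMPLE_FROM_GUIDE)
findings = audit_ldap_servers(servers)
findings << "#{path}: group/other can access the bind password" if path && loose_permissions?(path)
puts findings.empty? ? 'no findings' : findings
```

Pass /etc/gitlab/freeipa_settings.yml as the first argument to audit the real file; with no argument it reports on the constructed sample.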

Step 3: Login to GitLab via FreeIPA

Now that the configuration is finished, it's time to log in to the GitLab server. Enter the same credentials you use on the FreeIPA server.

Click Sign in to continue to the Dashboard.
