You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All the progress! User raking is pretty complete, needs testing though.
Configuration changes:
- Gitlab option "userRake" deleted. This might come back, but is probably essential that this function is done anyway, so no need for it now. (It wasn't being used.)
- Gitlab option "userNamesToIgnore" created, an array of user names to always ignore.
- Gitlab option "groupNamesToIgnore" moved upwards in the section.
Copy file name to clipboardExpand all lines: README.md
+41-28Lines changed: 41 additions & 28 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -193,15 +193,51 @@ This section configures how to communicate with your Gitlab-CE instance.
193
193
194
194
#### options
195
195
196
-
##### userRake*(bool|null)*
196
+
##### userNamesToIgnore*(array|null)*
197
197
198
-
Specify whether LDAP users should be raked into Gitlab. This means that LDAP users of which have not signed in for the first time will now have a minimal user record created for them on Gitlab in advance, which allows you to assign them projects and permissions, and of course put them into their respective groups in advance.
198
+
Specify a list of user names of which this tool should ignore. (Case-sensitive.)
199
199
200
-
This could result in a large number of user records being created on Gitlab of which may never sign in.
200
+
This varies not only according to which directory software you're using, but also how your directory has been structured.
201
+
202
+
* For Microsoft Active Directory this is could be "Administrator", "Guest", and any other user you don't expect to contain human users.
203
+
* OpenLDAP and 389-DS do not ship with any users out of the box, though "root" and "nobody" are likely candidates to ignore.
204
+
205
+
This must be defined as an array even if you have only 1 user. Be sure to quote user names that have spaces. For example:
206
+
207
+
```
208
+
userNamesToIgnore:
209
+
- "root"
210
+
- "nobody"
211
+
- "Administrator"
212
+
- "Guest"
213
+
```
214
+
215
+
User name "root" must always be ignored because this is the built-in Gitlab root user. Do not attempt to create/sync this user name.
201
216
202
-
**Do not enable this option if you so happen to have the enterprise edition of Gitlab as it can impact the licensing fees you need to pay.**
217
+
Default: *null*
218
+
219
+
##### groupNamesToIgnore *(array|null)*
220
+
221
+
Specify a list of group names of which this tool should ignore. (Case-sensitive.)
222
+
223
+
This varies not only according to which directory software you're using, but also how your directory has been structured. You do not have to specify every group if you've left the "createEmptyGroups" setting (further down) switched off, as this will prevent groups containing no users to be ignored anyway.
203
224
204
-
Default: *true*
225
+
* For Microsoft Active Directory this is could be "Domain Computers", "Domain Controllers", "DnsAdmins", "DnsUpdateProxy", and any other group you don't expect to contain human users.
226
+
* OpenLDAP and 389-DS do not ship with any groups out of the box.
227
+
228
+
This must be defined as an array even if you have only 1 group. Be sure to quote group names that have spaces. For example:
229
+
230
+
```
231
+
groupNamesToIgnore:
232
+
- "Root"
233
+
- "Users"
234
+
- "Managed Service Accounts"
235
+
- "Marketing Staff"
236
+
```
237
+
238
+
Group names "Root" and "Users" must always be ignored because they are reserved keywords. Do not attempt to create/sync these group names.
239
+
240
+
Default: *null*
205
241
206
242
##### createEmptyGroups *(bool|null)*
207
243
@@ -259,29 +295,6 @@ groupNamesOfExternal:
259
295
260
296
Default: *null*
261
297
262
-
##### groupNamesToIgnore *(array|null)*
263
-
264
-
Specify a list of group names of which this tool should ignore.
265
-
266
-
This varies not only according to which directory software you're using, but also how your directory has been structured. You do not have to specify every group if you've left the "createEmptyGroups" setting (further down) switched off, as this will prevent groups containing no users to be ignored anyway.
267
-
268
-
* For Microsoft Active Directory this is could be "Domain Computers", "Domain Controllers", "DnsAdmins", "DnsUpdateProxy", and any other group you don't expect to contain human users.
269
-
* OpenLDAP and 389-DS do not ship with any groups out of the box.
270
-
271
-
This must be defined as an array even if you have only 1 group. Be sure to quote group names that have spaces. For example:
272
-
273
-
```
274
-
groupNamesToIgnore:
275
-
- "Root"
276
-
- "Users"
277
-
- "Managed Service Accounts"
278
-
- "Marketing Staff"
279
-
```
280
-
281
-
Group name "Root" and "Users" must always be ignored because they are reserved keywords. Do not attempt to create/sync these group names.
282
-
283
-
Default: *null*
284
-
285
298
#### instances *(array)*
286
299
287
300
Declare one or more Gitlab instances to sync with. Each array key represents the instance name, which can be used later on to only sync with a particular instance (out of multiple) when running this tool.
0 commit comments