Commit f3b0b6af authored by Evan Read's avatar Evan Read

Merge branch 'docs-fix-332107' into 'master'

Fix Vale issues for /administration/auth/ldap/ldap-troubleshooting.md

See merge request gitlab-org/gitlab!76012
parents 5f70b3a4 b55c0b8a
...@@ -106,7 +106,7 @@ here are some questions to ask yourself: ...@@ -106,7 +106,7 @@ here are some questions to ask yourself:
- Does the user pass through the [configured `user_filter`](index.md#set-up-ldap-user-filter)? - Does the user pass through the [configured `user_filter`](index.md#set-up-ldap-user-filter)?
If one is not configured, this question can be ignored. If it is, then the If one is not configured, this question can be ignored. If it is, then the
user must also pass through this filter to be allowed to sign in. user must also pass through this filter to be allowed to sign in.
- Refer to our docs on [debugging the `user_filter`](#debug-ldap-user-filter). - Refer to our documentation on [debugging the `user_filter`](#debug-ldap-user-filter).
If the above are both okay, the next place to look for the problem is If the above are both okay, the next place to look for the problem is
the logs themselves while reproducing the issue. the logs themselves while reproducing the issue.
...@@ -316,7 +316,7 @@ LDAP search error: No Such Object ...@@ -316,7 +316,7 @@ LDAP search error: No Such Object
User Update (0.4ms) UPDATE "users" SET "state" = $1, "updated_at" = $2 WHERE "users"."id" = $3 [["state", "ldap_blocked"], ["updated_at", "2019-10-18 15:46:22.902177"], ["id", 20]] User Update (0.4ms) UPDATE "users" SET "state" = $1, "updated_at" = $2 WHERE "users"."id" = $3 [["state", "ldap_blocked"], ["updated_at", "2019-10-18 15:46:22.902177"], ["id", 20]]
``` ```
Once the user is found in LDAP, the rest of the output updates the GitLab After the user is found in LDAP, the rest of the output updates the GitLab
database with any changes. database with any changes.
#### Query a user in LDAP #### Query a user in LDAP
...@@ -337,8 +337,8 @@ Gitlab::Auth::Ldap::Person.find_by_uid('<uid>', adapter) ...@@ -337,8 +337,8 @@ Gitlab::Auth::Ldap::Person.find_by_uid('<uid>', adapter)
#### Membership(s) not granted #### Membership(s) not granted
Sometimes you may think a particular user should be added to a GitLab group via Sometimes you may think a particular user should be added to a GitLab group via
LDAP group sync, but for some reason it's not happening. There are several LDAP group sync, but for some reason it's not happening. You can check several
things to check to debug the situation. things to debug the situation.
- Ensure LDAP configuration has a `group_base` specified. - Ensure LDAP configuration has a `group_base` specified.
[This configuration](ldap_synchronization.md#group-sync) is required for group sync to work properly. [This configuration](ldap_synchronization.md#group-sync) is required for group sync to work properly.
...@@ -421,7 +421,7 @@ Started syncing 'ldapmain' provider for 'my_group' group ...@@ -421,7 +421,7 @@ Started syncing 'ldapmain' provider for 'my_group' group
``` ```
The following entry shows an array of all user DNs GitLab sees in the LDAP server. The following entry shows an array of all user DNs GitLab sees in the LDAP server.
These are the users for a single LDAP group, not a GitLab group. If These DNs are the users for a single LDAP group, not a GitLab group. If
you have multiple LDAP groups linked to this GitLab group, you see multiple you have multiple LDAP groups linked to this GitLab group, you see multiple
log entries like this - one for each LDAP group. If you don't see an LDAP user log entries like this - one for each LDAP group. If you don't see an LDAP user
DN in this log entry, LDAP is not returning the user when we do the lookup. DN in this log entry, LDAP is not returning the user when we do the lookup.
...@@ -545,7 +545,7 @@ updates the stored DN to the new value so both values now match what's in ...@@ -545,7 +545,7 @@ updates the stored DN to the new value so both values now match what's in
LDAP. LDAP.
If the email has changed and the DN has not, GitLab finds the user with If the email has changed and the DN has not, GitLab finds the user with
the DN and update its own record of the user's email to match the one in LDAP. the DN and updates its own record of the user's email to match the one in LDAP.
However, if the primary email _and_ the DN change in LDAP, then GitLab However, if the primary email _and_ the DN change in LDAP, then GitLab
has no way of identifying the correct LDAP record of the user and, as a has no way of identifying the correct LDAP record of the user and, as a
...@@ -563,7 +563,7 @@ email address are removed first. This is because emails have to be unique in Git ...@@ -563,7 +563,7 @@ email address are removed first. This is because emails have to be unique in Git
Go to the [rails console](#rails-console) and then run: Go to the [rails console](#rails-console) and then run:
```ruby ```ruby
# Each entry will have to include the old username and the new email # Each entry must include the old username and the new email
emails = { emails = {
'ORIGINAL_USERNAME' => 'NEW_EMAIL_ADDRESS', 'ORIGINAL_USERNAME' => 'NEW_EMAIL_ADDRESS',
... ...
...@@ -686,7 +686,7 @@ For more information, see the [official `ldapsearch` documentation](https://linu ...@@ -686,7 +686,7 @@ For more information, see the [official `ldapsearch` documentation](https://linu
### Using **AdFind** (Windows) ### Using **AdFind** (Windows)
You can use the [`AdFind`](https://social.technet.microsoft.com/wiki/contents/articles/7535.adfind-command-examples.aspx) utility (on Windows based systems) to test that your LDAP server is accessible and authentication is working correctly. This is a freeware utility built by [Joe Richards](http://www.joeware.net/freetools/tools/adfind/index.htm). You can use the [`AdFind`](https://social.technet.microsoft.com/wiki/contents/articles/7535.adfind-command-examples.aspx) utility (on Windows based systems) to test that your LDAP server is accessible and authentication is working correctly. AdFind is a freeware utility built by [Joe Richards](http://www.joeware.net/freetools/tools/adfind/index.htm).
**Return all objects** **Return all objects**
...@@ -719,9 +719,8 @@ For instructions about how to use the rails console, refer to this ...@@ -719,9 +719,8 @@ For instructions about how to use the rails console, refer to this
#### Enable debug output #### Enable debug output
This provides debug output that is useful to see This provides debug output that shows what GitLab is doing and with what.
what GitLab is doing and with what. This value is not persisted, and is only This value is not persisted, and is only enabled for this session in the Rails console.
enabled for this session in the rails console.
To enable debug output in the rails console, [enter the rails To enable debug output in the rails console, [enter the rails
console](#rails-console) and run: console](#rails-console) and run:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment