Tuesday 19 March 2013

Gerrit and ActiveDirectory

We've recently started testing out Gerrit at work and one of the tasks when setting it up was to integrate the authentication with ActiveDirectory.

The process was fairly straight forward. For reference here is an example AD configuration:

[ldap]
 server = ldap://dc.company.org:389

 accountBase = ou=People,dc=company,dc=org
 accountPattern = (&(objectCategory=Person)(sAMAccountName=${username}))
 accountFullName = displayName
 accountEmailAddress = mail

 groupBase = ou=Groups,ou=People,dc=company,dc=org
 groupMemberPattern = (&(objectClass=group)(member=${dn}))

 username = cn=Gerrit User,ou=People,dc=company,dc=org
 password = ********


The username/password are for the "bind" user that will be used to query the server. More information can be found on the Gerrit auth documentation page.

No comments: