Mapping LDAP Groups to Organizations and Teams

Hi,

I’m really struggling to automatically map LDAP groups to Organizations and Teams in Gitea. The process for this looks straightforward; we already use LDAP for authentication, but enabling LDAP groups does not do what I would expect it to do.

Platform

Gitea Version 1.22.6 running on Linux (Rocky 9.5). Active Directory on Windows Server 2022.

User ingestion from LDAP (users in an AD group are valid users) has been in place for over a year, and for authentication purposes this is working without any problem.

Settings

So I have there the correct Base DN for our security groups, the correct AD attributes for groups and users, I’ve added a ‘blank’ filter in as I’ve seen people saying this has helped, and then my mapping line matches the AD container ‘Gitea-Test’ to the IT-Sys Organization and Test Team.

I then resync external sources.

I should then see a new member of the IT-Sys Test Team (my test user), but this does not appear.

All I see from the logging (at Trace verbosity) is the user-side of the synchronization working - groups don’t seem to be mentioned here at all.

Additionally I see nothing in Event Viewer on the domain controllers to help narrow this down.

Can anyone please spot anything I am obviously misconfiguring here or anything I can further check to troubleshoot? The lack of additional information in the logs is quite annoying - normally this would help track down a problem but without it I’m stuck.

Thanks in advance!
Paul


LDAP logging in gitea log. Nothing about groups.

Will note this since we’ve now got this working - it does appear that the LDAP strings are case-sensitive - altering them to match the case of how things appear in AD has got the mapping working.

This hasn’t been an issue for other software we use that has LDAP binds enabled, so it may just be a Gitea thing?
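A quick way to check for the case problem described in this thread before touching the Gitea config, as an added example (not Gitea's own code and not from the poster): compare the memberOf DNs AD returns for the test user against the group-to-team mapping keys, first exactly and then after case normalisation. The mapping uses the documented JSON shape (group DN as key, organization to list of teams as value); the DN suffix ou=Groups,dc=example,dc=local and the memberOf values are constructed sample data, and the only assumption about Gitea's matching is what the thread reports (exact, case-sensitive comparison).

```python
"""Spot group-mapping keys that fail only because their case differs from AD.

Added example, not Gitea's code. Gitea's behaviour is taken from the thread
(case-sensitive match); this script just makes such a mismatch visible.
"""
import json

# Mapping as entered in the LDAP source: group DN -> {organization: [teams]}.
# Typed in lower case here, which is the mistake this thread ran into.
GROUP_TEAM_MAP = json.loads('''{
  "cn=gitea-test,ou=groups,dc=example,dc=local": {"IT-Sys": ["Test"]}
}''')

# memberOf values as AD returns them (case as stored). Constructed sample data.
USER_MEMBER_OF = [
    "CN=Gitea-Test,OU=Groups,DC=example,DC=local",
    "CN=Domain Users,CN=Users,DC=example,DC=local",
]

def normalize_dn(dn: str) -> str:
    """Lower-case attribute types and values and trim spaces around '=' and ','.
    Sufficient for simple DNs; RFC 4514 escape sequences are not handled."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        parts.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return ",".join(parts)

def resolve_teams(member_of, mapping, case_sensitive=True):
    """Return {organization: set(teams)} the user would be placed into."""
    result = {}
    for dn in member_of:
        for key, orgs in mapping.items():
            same = dn == key if case_sensitive else normalize_dn(dn) == normalize_dn(key)
            if same:
                for org, teams in orgs.items():
                    result.setdefault(org, set()).update(teams)
    return result

def case_only_mismatches(member_of, mapping):
    """Mapping keys that match one of the user's groups only after normalisation.
    These are exactly the entries that silently do nothing under exact matching."""
    return sorted(key for key in mapping
                  if key not in member_of
                  and any(normalize_dn(key) == normalize_dn(dn) for dn in member_of))

if __name__ == "__main__":
    print("exact match:      ", resolve_teams(USER_MEMBER_OF, GROUP_TEAM_MAP))
    print("normalised match: ", resolve_teams(USER_MEMBER_OF, GROUP_TEAM_MAP, False))
    print("fix the case of:  ", case_only_mismatches(USER_MEMBER_OF, GROUP_TEAM_MAP))
```

Any key reported by case_only_mismatches should be retyped to match the DN exactly as AD returns it; if the list is empty and the team is still not populated, the cause lies elsewhere.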