Gitlab: LDAP “Invalid credentials”, but credentials are right

Question

The following ldapsearch command works, flawlessly.

ldapsearch -LLL -s sub -P 3 -D \"CN=,OU=IT,OU=Non-Users,OU=Users,OU=UserAccount,DC=,DC=com\" -H l

Answer 1

We had the similar issue, though our settings were all correct as we were getting the user search results by setting up the similar LDAP configuration on different tools like Jenkins, SonarQube; etc.

We resolved the issue by setting the value of DefaultForceNoPage to true in the ldap.rb file located at (the path may vary for different versions of gitlab):

/opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/net-ldap-0.16.0/lib/net/ldap.rb
                                                                      ^^^^^^^

which is false by default. So, once you have set the value to true, restart the GitLab server using:

gitlab-ctl reconfigure

You can also check if you are getting the results of the users of your organization by:

gitlab-rake gitlab:ldap:check

Note: Most common issues users face while logging into the application using their mail id's, you should put:

uid: 'mail'