diff options
author | ngourdon <ngourdon@gmail.com> | 2019-06-17 20:32:20 +0200 |
---|---|---|
committer | techknowlogick <hello@techknowlogick.com> | 2019-06-17 14:32:20 -0400 |
commit | a618df8d8474efb9148d29c4ce6cf8ec14cfca7a (patch) | |
tree | 439f8f1c96693cba29b7a598ae5bd2ad21a4686c /docs | |
parent | a200ca15519d6f23a0b64c062f23000c347ce7b6 (diff) | |
download | gitea-a618df8d8474efb9148d29c4ce6cf8ec14cfca7a.tar.gz gitea-a618df8d8474efb9148d29c4ce6cf8ec14cfca7a.zip |
Add CLI commands to manage LDAP authentication source (#6681)
* add CLI commands to manage LDAP authentication source
* delete Gogs copyright
* remove unused return value of func parseLoginSource
* fix comment
Co-Authored-By: ngourdon <31291059+ngourdon@users.noreply.github.com>
* remove config flag already present in global flags
* remove config flag from ldap commands in docs
* remove config flag handling
Diffstat (limited to 'docs')
-rw-r--r-- | docs/content/doc/usage/command-line.en-us.md | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/docs/content/doc/usage/command-line.en-us.md b/docs/content/doc/usage/command-line.en-us.md index 516e46ff0b..0955680af2 100644 --- a/docs/content/doc/usage/command-line.en-us.md +++ b/docs/content/doc/usage/command-line.en-us.md @@ -123,6 +123,94 @@ Admin operations: - `--custom-email-url`: Use a custom Email URL (option for GitHub). - Examples: - `gitea admin auth update-oauth --id 1 --name external-github-updated` + - `add-ldap`: Add new LDAP (via Bind DN) authentication source + - Options: + - `--name value`: Authentication name. Required. + - `--not-active`: Deactivate the authentication source. + - `--security-protocol value`: Security protocol name. Required. + - `--skip-tls-verify`: Disable TLS verification. + - `--host value`: The address where the LDAP server can be reached. Required. + - `--port value`: The port to use when connecting to the LDAP server. Required. + - `--user-search-base value`: The LDAP base at which user accounts will be searched for. Required. + - `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. Required. + - `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges. + - `--username-attribute value`: The attribute of the user’s LDAP record containing the user name. + - `--firstname-attribute value`: The attribute of the user’s LDAP record containing the user’s first name. + - `--surname-attribute value`: The attribute of the user’s LDAP record containing the user’s surname. + - `--email-attribute value`: The attribute of the user’s LDAP record containing the user’s email address. Required. + - `--public-ssh-key-attribute value`: The attribute of the user’s LDAP record containing the user’s public ssh key. + - `--bind-dn value`: The DN to bind to the LDAP server with when searching for the user. + - `--bind-password value`: The password for the Bind DN, if any. + - `--attributes-in-bind`: Fetch attributes in bind DN context. + - `--synchronize-users`: Enable user synchronization. + - `--page-size value`: Search page size. + - Examples: + - `gitea admin auth add-ldap --name ldap --security-protocol unencrypted --host mydomain.org --port 389 --user-search-base "ou=Users,dc=mydomain,dc=org" --user-filter "(&(objectClass=posixAccount)(uid=%s))" --email-attribute mail` + - `update-ldap`: Update existing LDAP (via Bind DN) authentication source + - Options: + - `--id value`: ID of authentication source. Required. + - `--name value`: Authentication name. + - `--not-active`: Deactivate the authentication source. + - `--security-protocol value`: Security protocol name. + - `--skip-tls-verify`: Disable TLS verification. + - `--host value`: The address where the LDAP server can be reached. + - `--port value`: The port to use when connecting to the LDAP server. + - `--user-search-base value`: The LDAP base at which user accounts will be searched for. + - `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. + - `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges. + - `--username-attribute value`: The attribute of the user’s LDAP record containing the user name. + - `--firstname-attribute value`: The attribute of the user’s LDAP record containing the user’s first name. + - `--surname-attribute value`: The attribute of the user’s LDAP record containing the user’s surname. + - `--email-attribute value`: The attribute of the user’s LDAP record containing the user’s email address. + - `--public-ssh-key-attribute value`: The attribute of the user’s LDAP record containing the user’s public ssh key. + - `--bind-dn value`: The DN to bind to the LDAP server with when searching for the user. + - `--bind-password value`: The password for the Bind DN, if any. + - `--attributes-in-bind`: Fetch attributes in bind DN context. + - `--synchronize-users`: Enable user synchronization. + - `--page-size value`: Search page size. + - Examples: + - `gitea admin auth update-ldap --id 1 --name "my ldap auth source"` + - `gitea admin auth update-ldap --id 1 --username-attribute uid --firstname-attribute givenName --surname-attribute sn` + - `add-ldap-simple`: Add new LDAP (simple auth) authentication source + - Options: + - `--name value`: Authentication name. Required. + - `--not-active`: Deactivate the authentication source. + - `--security-protocol value`: Security protocol name. Required. + - `--skip-tls-verify`: Disable TLS verification. + - `--host value`: The address where the LDAP server can be reached. Required. + - `--port value`: The port to use when connecting to the LDAP server. Required. + - `--user-search-base value`: The LDAP base at which user accounts will be searched for. + - `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. Required. + - `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges. + - `--username-attribute value`: The attribute of the user’s LDAP record containing the user name. + - `--firstname-attribute value`: The attribute of the user’s LDAP record containing the user’s first name. + - `--surname-attribute value`: The attribute of the user’s LDAP record containing the user’s surname. + - `--email-attribute value`: The attribute of the user’s LDAP record containing the user’s email address. Required. + - `--public-ssh-key-attribute value`: The attribute of the user’s LDAP record containing the user’s public ssh key. + - `--user-dn value`: The user’s DN. Required. + - Examples: + - `gitea admin auth add-ldap-simple --name ldap --security-protocol unencrypted --host mydomain.org --port 389 --user-dn "cn=%s,ou=Users,dc=mydomain,dc=org" --user-filter "(&(objectClass=posixAccount)(cn=%s))" --email-attribute mail` + - `update-ldap-simple`: Update existing LDAP (simple auth) authentication source + - Options: + - `--id value`: ID of authentication source. Required. + - `--name value`: Authentication name. + - `--not-active`: Deactivate the authentication source. + - `--security-protocol value`: Security protocol name. + - `--skip-tls-verify`: Disable TLS verification. + - `--host value`: The address where the LDAP server can be reached. + - `--port value`: The port to use when connecting to the LDAP server. + - `--user-search-base value`: The LDAP base at which user accounts will be searched for. + - `--user-filter value`: An LDAP filter declaring how to find the user record that is attempting to authenticate. + - `--admin-filter value`: An LDAP filter specifying if a user should be given administrator privileges. + - `--username-attribute value`: The attribute of the user’s LDAP record containing the user name. + - `--firstname-attribute value`: The attribute of the user’s LDAP record containing the user’s first name. + - `--surname-attribute value`: The attribute of the user’s LDAP record containing the user’s surname. + - `--email-attribute value`: The attribute of the user’s LDAP record containing the user’s email address. + - `--public-ssh-key-attribute value`: The attribute of the user’s LDAP record containing the user’s public ssh key. + - `--user-dn value`: The user’s DN. + - Examples: + - `gitea admin auth update-ldap-simple --id 1 --name "my ldap auth source"` + - `gitea admin auth update-ldap-simple --id 1 --username-attribute uid --firstname-attribute givenName --surname-attribute sn` #### cert |