Skip to content

ldapGroups is not iterable #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Adambean opened this issue Jul 14, 2018 · 4 comments
Open

ldapGroups is not iterable #1

Adambean opened this issue Jul 14, 2018 · 4 comments

Comments

@Adambean
Copy link

I've got this script so that it's able to talk to our internal Gitlab-CE, but it gives error "ldapGroups" is not iterable.

# npm start

> [email protected] start /opt/gitlab-ldap-group-sync
> node ./bin/www

Express server listening on port 8090
{ adamr: 2 }
TypeError: ldapGroups is not iterable
    at /opt/gitlab-ldap-group-sync/gitlabLdapGroupSync.js:58:27
    at Generator.next (<anonymous>)
    at onFulfilled (/opt/gitlab-ldap-group-sync/node_modules/co/index.js:65:19)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Configuration is as follows:

{
  "port": 8090,
  "syncInterval": "10m",
  "gitlab": {
    "api": "https://git.example.com/api/v4",
    "privateToken": "myAdminSecretToken"
  },
  "ldap": {
    "url": "ldaps://internal.example.com",
    "baseDN": "dc=internal,dc=example,dc=com",
    "username": "uid=svc.gitlab,ou=Services,dc=internal,dc=example,dc=com",
    "password": "myLdapPassword",
    "groupPrefix": ""
  }
}

The LDAP server is running 389-DS, so the groups are at base DN ou=Groups,dc=internal,dc=example,dc=com. I didn't see that I could specify that option though. Not sure why groupPrefix is there, but the groups in LDAP don't have a specific prefix -- all should be synced.
@Adambean Adambean changed the title ldapGroups ldapGroups is not iterable Jul 14, 2018
@stefanjauker
Copy link
Contributor

you need a least one group starting with gitlab-. See:

gitlab-ldap-group-sync/gitlabLdapGroupSync.js

Line 147 in 9df6d13

ldap.findGroups('CN=gitlab-*', function (err, groups) {

Please create following groups on your 389-DS
gitlab-admins and gitlab-default

@Adambean
Copy link
Author

Ah thanks, that's a helpful line point. :)

I don't really want to be creating extra groups just for Gitlab as our team of 40ish people are already in appropriate groups. (I'll just edit the script to accept any group.)

@stefanjauker
Copy link
Contributor

hi,
can you send me a MR with you fix?

@Adambean
Copy link
Author

I'm not sure if this is the cause. I modified that CN=gitlab-* to just CN=* but it still has the same error, must be something else odd going on. Also tried lowercase cn but I doubt that matters. As the "activedirectory" Node module is being used perhaps this script is really limited to Active Directory servers rather than raw LDAP. -- I don't know much about the module really.

Just out of curiosity, there is a config option to specify the group prefix, is there any reason why it isn't being used in this function instead of a hard-coded prefix? (I noticed the config object isn't available to this function, so it may take quite a bit of re-writing to make that so.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stefanjauker @Adambean