Menu
Some of our GitLab users who where authenticated through LDAP got blocked when the LDAP authentication user account was locked. How can I unlock them? GitLab-EE seems to provide this feature by force syncing the LDAP state. How can I do that with GitLab-CE?
567
I had a user with state ldap_blocked
To fix, I went user.state='active' which returned => "active" then I did user.unlock_access! for good measure (probably not necessary).
User was then unblocked in the web console.
I followed instructions here: https://docs.gitlab.com/ee/security/unlock_user.html
Which involves getting into the ruby console:
sudo gitlab-rails console -e production
Then searching for the user and saving in a temporary variable:
userJohn = User.find_by(email: '[email protected]')
userJohn.state
=> "ldap_blocked"
I then deviated slightly from the instructions by setting user to active directly which seemed to work (the instructions said userJohn.unlock_access! which didn't work for me)
userJohn.state='active'
=> "active"
userJohn.state #me checking to make sure
=> "active"
I basically went straight into the database:
sudo -u gitlab-psql /opt/gitlab/embedded/bin/psql -h /var/opt/gitlab/postgresql -d gitlabhq
and
update public.users set state='active';
Note: this will unblock all users
33
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
