How to disable Create Project permission for users by default in GitLab?

Question

I am using the Omnibus GitLab CE system with LDAP authentication.

Because of LDAP authentication, anyone in my company can sign in to GitLab and a new GitLab user account associated with this user is created (according to my understanding).

I want to modify it so that by default this new user (who can automatically sign in based on his LDAP credentials) cannot create new projects.

Then, I as the admin, will probably handle most new project creation.

I might give the Create Project permission to a few special users.

Answer 1

In newer versions of GitLab >= v7.8 …

This is not a setting in config/gitlab.yml but rather in the GUI for admins.

Simply navigate to https://___[your GitLab URL]___/admin/application_settings/general#js-account-settings, and set Default projects limit to 0.

You can then access individual users's project limit at https://___[your GitLab URL]___/admin/users.

See GitLab's update docs for more settings changed between v7.7 and v7.8.

git diff origin/7-7-stable:config/gitlab.yml.example origin/7-8-stable:config/gitlab.yml.example

Answer 2

For all new users:

Refer to Nick Merrill answer.

For all existing users:

This is the best and quick method to make changes to projects limits:

$ gitlab-rails runner "User.where(projects_limit: 10).each { |u| u.projects_limit = 0; u.save }"