Merge branch 'ldap-block_auto_created_users' into 'master'

Add config var to block auto-created LDAP users.

Addresses private issue https://dev.gitlab.org/gitlab/gitlabhq/issues/2110.

See merge request !522

2 files changed, 6 insertions, 0 deletions

diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 46b9f05cc17..ba40671b162 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -146,6 +146,11 @@ production: &base
         # disable this setting, because the userPrincipalName contains an '@'.
         allow_username_or_email_login: false
 
+        # To maintain tight control over the number of active users on your GitLab installation,
+        # enable this setting to keep new users blocked until they have been cleared by the admin 
+        # (default: false).
+        block_auto_created_users: false
+
         # Base where we can search for users
         #
         #   Ex. ou=People,dc=gitlab,dc=example
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index d5cddb8dbf0..0abd34fc3e0 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -76,6 +76,7 @@ if Settings.ldap['enabled'] || Rails.env.test?
 
   Settings.ldap['servers'].each do |key, server|
     server['label'] ||= 'LDAP'
+    server['block_auto_created_users'] = false if server['block_auto_created_users'].nil?
     server['allow_username_or_email_login'] = false if server['allow_username_or_email_login'].nil?
     server['active_directory'] = true if server['active_directory'].nil?
     server['provider_name'] ||= "ldap#{key}".downcase