The GitHub Enterprise – Using LDAP documentation lists FreeIPA as a supported LDAP service.
Although I was able to successfully test a basic LDAP connection, the test failed after I specified the Email (using value “mail”) and SSH key (using value “ipaSshPubKey”) fields. I received the following error:
Field `mail` is not an attribute in the user entry. Field `ipaSshPubKey` is not an attribute in the user entry.
For the Domain base, I had specified the following (which had worked for integrating FreeIPA’s LDAP with other services):
The problem, as far as I can tell, is that searching
dc=freeipa,dc=osric,dc=net for a username returns multiple entries.
The first entry, from
cn=users,cn=compat,dc=freeipa,dc=osric,dc=net, contains just 9 attributes and does not include
The second entry, from
cn=users,cn=accounts,dc=freeipa,dc=osric,dc=net contains 34 attributes and includes
I changed the value of Domain base to:
This solved the problem for me.