Hello,

We are planning to buy the Enterprise Edition and we would like to to migrate from Gitlab SSO to Active Directory, while keeping all the history/permissions and whatever attributes of each user.
In our current setup Gitlab brokers the authentication to Active Directory, so the existing users on gitlab/mattermost all come from Active Directory.

So the question is, how can we ensure that all users keep their own settings as they are, after switching the authentication mechanism to Active Directory/LDAP?

P. S. Previously we have switched from one gitlab setup to another and at that point in time it was easier to start over. Mattermost used the ID number of the users instead of the e-mail addresses/usernames and we’re really concerned about this if we switch the authentication.

Thanks!

Hey @vinci,
you can migrate the users from gitlab auth to ldap/ad auth with the migrate_auth command.
See: https://docs.mattermost.com/administration/command-line-tools.html#mattermost-user-migrate-auth

You have to supply it with a match field by which it looks up the users in AD so if the emails are matching in both Gitlab and AD this should be a matter of seconds/minutes.

All the best,
Sven

Hey,

Thanks for the useful answer. That’s probably all we’re going to need.
Just one question out of curiosity: when we changed from one gitlab source to a different gitlab source, could we have used this tool also? Or what would have been a proper way of doing that by making sure it matches the different IDs against the e-mail addresses?

I would appreciate an answer to my last question also, even if it’s not the main question of the thread.
Thank you in advance!

@sven.huester Do you or someone else on support team know the answer?