When using Gerrit inside a private corporate network, the most common authentication registry is Active Directory, or more generically an LDAP server.
The authentication process is radically different from the one previously described for OpenID. Following are the differences:
There is no direct Browser to LDAP authentication. Gerrit mediates the communication between the two.
Gerrit can pre-populate much more information on the user's profile thanks to a richer set of user attributes stored in the LDAP registry.
Group ownership can be pre-populated using LDAP.
Gerrit LDAP support is divided into two groups as follows:
Authentication and Lookup
Lookup only
The first group is the most common setup and is the one discussed in this chapter.
The second group is more of a companion to a different type of authentication (HTTP or X.509 Client SSL Certificate) and the LDAP is used only to populate the user's identity that has already been validated by a...