Here's my problem. I have a FreeIPA LDAP (centos-8-stream-4.9.8) instance and a GitLab (16.0.2-ee.0) instance running locally in two separate containers.
These instances were launched via docker-compose. No problem with these instances: both are accessible and work perfectly.
I'm trying to set up an SSO connection between my GitLab instance and the FreeIPA server over LDAP.
On my native machine, the following command works:
ldapsearch -x -H ldap://freeipa.packops.local -D "uid=admin,cn=users,cn=accounts,dc=packops,dc=local" -b "uid=user,cn=users,cn=accounts,dc=packops,dc=local" -w YOURPASSWORD
and returns this result:
# extended LDIF
#
# LDAPv3
# base <uid=user,cn=users,cn=accounts,dc=packops,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# user, users, accounts, packops.local
dn: uid=user,cn=users,cn=accounts,dc=packops,dc=local
givenName: user
sn: user
uid: user
cn: user user
displayName: user user
initials: uu
gecos: user user
krbPrincipalName: [email protected]
objectClass: top
objectClass: person
objectClass: organizationalperson
objectClass: inetorgperson
objectClass: inetuser
objectClass: posixaccount
objectClass: krbprincipalaux
objectClass: krbticketpolicyaux
objectClass: ipaobject
objectClass: ipasshuser
objectClass: ipaSshGroupOfPubKeys
objectClass: mepOriginEntry
objectClass: ipantuserattrs
loginShell: /bin/sh
homeDirectory: /home/user
mail: [email protected]
krbCanonicalName: [email protected]
ipaUniqueID: cee7019e-0f37-11ee-94dc-0242ac120002
uidNumber: 1615800003
gidNumber: 1615800003
krbPasswordExpiration: 20230620065805Z
krbLastPwdChange: 20230620065805Z
krbExtraData:: AAL9TZFkcm9vdC9hZG1pbkBQQUNLT1BTLkxPQ0FMAA==
mepManagedEntry: cn=user,cn=groups,cn=accounts,dc=packops,dc=local
ipaNTSecurityIdentifier: S-1-5-21-1133753079-3484878407-2653100528-1003
memberOf: cn=ipausers,cn=groups,cn=accounts,dc=packops,dc=local
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
However, when I connect to my GitLab container and execute the same command, I get this result:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Here's my gitlab.rb config:
###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
  main: # 'main' is the GitLab 'provider ID' of this LDAP server
    label: 'LDAP'
    host: 'freeipa.packops.local'
    port: 389
    uid: 'uid'
    bind_dn: 'uid=admin,cn=users,cn=accounts,dc=packops,dc=local'
    password: 'YOURPASSWORD'
    encryption: 'start_tls' # "start_tls" or "simple_tls" or "plain"
    active_directory: false
    allow_username_or_email_login: false
    base: 'cn=users,cn=accounts,dc=packops,dc=local'
    user_filter: ''
EOS
How can I authorize the connection between my FreeIPA container and my GitLab container?
If you have any suggestions for solutions, I'd love to hear from you.
If you have any other questions, don't hesitate to ask me.
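"Can't contact LDAP server (-1)" from inside the GitLab container, while the same ldapsearch works on the host, means the container cannot resolve or reach freeipa.packops.local at the network level (no bind was attempted yet). The usual cause with docker-compose is that the two services are not on a shared user-defined network, so the GitLab container has no DNS entry for the FreeIPA host name. The compose fragment below is an added example, not the poster's own compose file: it places both services on one bridge network and gives the FreeIPA service a network alias matching the `host:` value in gitlab.rb. The image names and tags are assumptions; other per-image settings (volumes, environment, ports) are omitted.

```yaml
# Added example: shared network so GitLab can resolve freeipa.packops.local.
# Image names/tags are assumptions; adapt to your existing compose file.
services:
  freeipa:
    image: freeipa/freeipa-server:centos-8-stream-4.9.8   # assumed tag
    hostname: freeipa.packops.local        # FreeIPA wants its FQDN as hostname
    networks:
      sso:
        aliases:
          - freeipa.packops.local          # must match 'host:' in gitlab.rb

  gitlab:
    image: gitlab/gitlab-ee:16.0.2-ee.0    # assumed tag
    networks:
      - sso                                # same network as freeipa

networks:
  sso:
    driver: bridge                         # user-defined bridge => embedded DNS
```

To confirm the fix before touching gitlab.rb, run `docker compose exec gitlab getent hosts freeipa.packops.local` (it should print the FreeIPA container's address) and then repeat the ldapsearch from the GitLab container with `-ZZ` added, so StartTLS on port 389 is exercised the way `encryption: 'start_tls'` will use it. If that StartTLS step fails on certificate verification, copy the FreeIPA CA certificate (`/etc/ipa/ca.crt` on the FreeIPA side) into the GitLab container and point the `ca_file:` option of the same `main:` block at it rather than downgrading `encryption:` to `'plain'`, which would send the bind password in clear text.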