d2547bb832
* Move auth docker images to parent folder * Add README file for auth parent folder * Add grafana-authnz-team as code owner * Update `devenv` docs
60 lines
1.2 KiB
TOML
60 lines
1.2 KiB
TOML
# To troubleshoot and get more log info enable ldap debug logging in grafana.ini
|
|
# [log]
|
|
# filters = ldap:debug
|
|
|
|
# For the verbose comments options see "openldap" env block
|
|
|
|
# --- First LDAP Server (only admins) ---
|
|
|
|
[[servers]]
|
|
host = "127.0.0.1"
|
|
port = 389
|
|
use_ssl = false
|
|
start_tls = false
|
|
ssl_skip_verify = false
|
|
bind_dn = "cn=admin,dc=grafana,dc=org"
|
|
bind_password = 'grafana'
|
|
search_filter = "(cn=%s)"
|
|
search_base_dns = ["ou=users,dc=grafana,dc=org"]
|
|
|
|
[servers.attributes]
|
|
name = "givenName"
|
|
surname = "sn"
|
|
username = "cn"
|
|
member_of = "memberOf"
|
|
email = "email"
|
|
|
|
[[servers.group_mappings]]
|
|
group_dn = "cn=admins,ou=groups,dc=grafana,dc=org"
|
|
org_role = "Admin"
|
|
grafana_admin = true
|
|
|
|
# --- Second LDAP Server (rest of the users) ---
|
|
|
|
[[servers]]
|
|
host = "127.0.0.1"
|
|
port = 388
|
|
use_ssl = false
|
|
start_tls = false
|
|
ssl_skip_verify = false
|
|
|
|
bind_dn = "cn=admin,dc=grafana,dc=org"
|
|
bind_password = 'grafana'
|
|
search_filter = "(cn=%s)"
|
|
search_base_dns = ["ou=users,dc=grafana,dc=org"]
|
|
|
|
[servers.attributes]
|
|
name = "givenName"
|
|
surname = "sn"
|
|
username = "cn"
|
|
member_of = "memberOf"
|
|
email = "email"
|
|
|
|
[[servers.group_mappings]]
|
|
group_dn = "cn=editors,ou=groups,dc=grafana,dc=org"
|
|
org_role = "Editor"
|
|
|
|
[[servers.group_mappings]]
|
|
group_dn = "*"
|
|
org_role = "Viewer"
|