Hi, I'm trying to get LDAP authentication to work with Grafana. I want Grafana to assign roles per group membership in the AD.
I’ve made the security groups in the AD (Viewer, Read & admin) and assigned the members.
It seems like Grafana is able to successfully do the LDAP lookup, but I can't seem to find any users.
I am wondering if the security groups have to be in the same OU as the users? Or does anyone know why it doesn't work?
**Debug log:**
> t=2022-05-31T05:25:11+0000 lvl=info msg="LDAP enabled, reading config file" logger=ldap file=/etc/grafana/ldap.toml
>
>
>
> t=2022-05-31T05:25:11+0000 lvl=eror msg="Cannot authenticate admin user in LDAP" logger=ldap error="invalid username or password"
**ldap.toml**
> [[servers]]
> host = "192.168.30.25"
> port = 389
> use_ssl = false
> start_tls = false
> bind_dn = "grafanaadmin"
> bind_password = 'XXX'
> search_filter = "(sAMAccountName=%s)"
> search_base_dns = ["DC=enterprise,DC=local"]
> [servers.attributes]
> name = "givenName"
> surname = "sn"
> username = "sAMAccountName"
> member_of = "memberOf"
> email = "mail"
> [[servers.group_mappings]]
> group_dn = "CN=grafana-admin,CN=groups,DC=enterprise,DC=local"
> org_role = "Admin"
> [[servers.group_mappings]]
> group_dn = "CN=grafana-Editor,CN=groups,DC=enterprise,DC=local"
> org_role = "Editor"
> org_role = "Viewer"
> [[servers.group_mappings]]
> group_dn = "*"
> org_role = "Viewer"