We use OpenLDAP with Grafana 7.1.0 and are trying to get LDAP auth working. The problem is getting group mapping to work.
We have in our LDAP something like:
```
# John Deer, People, foo.local
dn: cn=John Deer,ou=People,dc=foo,dc=local
objectClass: webadmAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: organizationalPerson
objectClass: top
objectClass: shadowAccount
objectClass: HOSTOBJECT
cn: John Deer
uid: jdeer
sn: Deer
...

# monitoring, Groups, foo.local
dn: cn=monitoring,ou=Groups,dc=foo,dc=local
objectClass: groupOfNames
member: cn=John Deer,ou=People,dc=foo,dc=local
```
I can't get it to match the user uid with the cn. All examples have the same uid and cn.
```toml
...
search_base_dns = ["ou=people,dc=foo,dc=local"]
search_filter = "(uid=%s)"
use_ssl = true
start_tls = true

[servers.attributes]
email = "mail"
member_of = "member"
name = "givenName"
username = "uid"

[[servers.group_mappings]]
group_dn = "cn=monitoring,ou=groups,dc=foo,dc=local"
org_role = "Admin"

[[servers.group_mappings]]
group_dn = "cn=monitoring,ou=groups,dc=foo,dc=local"
org_role = "Editor"
```
I tried a lot of combinations … but either the Group is wrong (doesn’t exist) or group is empty [ ], so login fails.
It would be great if someone could point me in the right direction.
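
A small model of the lookup described in the post, added here as an example and not Grafana's own code or part of the original post: with `groupOfNames` the membership is stored on the group entry as the user's full DN, so reading `member` from the user entry returns nothing, while searching the group entries for that DN finds the group. The directory is constructed sample data mirroring the two entries above, the function names are hypothetical, and case-insensitive DN comparison and first-match-wins mapping are assumptions of the model.

```python
# Constructed in-memory directory mirroring the two entries in the post (sample data).
DIRECTORY = {
    "cn=John Deer,ou=People,dc=foo,dc=local": {
        "objectClass": ["person", "inetOrgPerson", "posixAccount"],
        "cn": ["John Deer"], "uid": ["jdeer"], "sn": ["Deer"],
    },
    "cn=monitoring,ou=Groups,dc=foo,dc=local": {
        "objectClass": ["groupOfNames"],
        "member": ["cn=John Deer,ou=People,dc=foo,dc=local"],
    },
}

def norm_dn(dn):
    """Simplified DN normalisation (assumption): lower-case, trim each RDN.
    Does not handle escaped commas or multi-valued RDNs."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def find_user(uid):
    """Model of search_filter "(uid=%s)": return (dn, attrs) or None."""
    for dn, attrs in DIRECTORY.items():
        if uid in attrs.get("uid", []):
            return dn, attrs
    return None

def groups_from_user_attribute(uid, member_of_attr):
    """Read group values from an attribute on the user's own entry."""
    found = find_user(uid)
    return list(found[1].get(member_of_attr, [])) if found else []

def groups_from_group_search(uid):
    """Find groupOfNames entries whose member value equals the user's DN."""
    found = find_user(uid)
    if not found:
        return []
    user_dn = norm_dn(found[0])
    return [dn for dn, attrs in DIRECTORY.items()
            if "groupOfNames" in attrs.get("objectClass", [])
            and user_dn in (norm_dn(m) for m in attrs.get("member", []))]

def mapped_role(groups, mappings):
    """First mapping whose group_dn matches one of the user's groups wins."""
    have = {norm_dn(g) for g in groups}
    for group_dn, role in mappings:
        if norm_dn(group_dn) in have:
            return role
    return None

# The two mappings from the posted configuration, in the same order.
MAPPINGS = [("cn=monitoring,ou=groups,dc=foo,dc=local", "Admin"),
            ("cn=monitoring,ou=groups,dc=foo,dc=local", "Editor")]
```

Because both mappings name the same `group_dn`, the second one is never reached in this model.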