Hello,
We use OpenLDAP with Grafana 7.1.0 and are trying to get LDAP auth working. The problem is getting group mapping to work.
We have in our LDAP something like:
- User

```
# John Deer, People, foo.local
dn: cn=John Deer,ou=People,dc=foo,dc=local
objectClass: webadmAccount
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: organizationalPerson
objectClass: top
objectClass: shadowAccount
objectClass: HOSTOBJECT
cn: John Deer
uid: jdeer
sn: Deer
...
```
- Groups

```
# monitoring, Groups, foo.local
dn: cn=monitoring,ou=Groups,dc=foo,dc=local
objectClass: groupOfNames
member: cn=John Deer,ou=People,dc=foo,dc=local
```
I can't get it to work to match the user uid with the cn. All examples have the same uid and cn.
ldap.toml

```toml
...
search_base_dns = ["ou=people,dc=foo,dc=local"]
search_filter = "(uid=%s)"
use_ssl = true
start_tls = true
[servers.attributes]
email = "mail"
member_of = "member"
name = "givenName"
username = "uid"
[[servers.group_mappings]]
group_dn = "cn=monitoring,ou=groups,dc=foo,dc=local"
org_role = "Admin"
[[servers.group_mappings]]
group_dn = "cn=monitoring,ou=groups,dc=foo,dc=local"
org_role = "Editor"
```
I tried a lot of combinations … but either the group is wrong (doesn't exist) or the group is empty [ ], so login fails.
It would be great if someone could point me in the right direction.
cu denny
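
Added example, not part of the original post and not Grafana's code: a small offline model of the two entries above, showing that a `groupOfNames` `member` value is the user's full DN, so a membership lookup keyed on the uid `jdeer` finds no group while one keyed on the DN resolved from `(uid=jdeer)` finds `monitoring`. The helper names, the trimmed LDIF and the groups base (inferred from `group_dn`) are assumptions made for illustration.

```python
# Constructed sample: the two entries from the post, trimmed to the relevant attributes.
LDIF = """\
dn: cn=John Deer,ou=People,dc=foo,dc=local
objectClass: inetOrgPerson
cn: John Deer
uid: jdeer

dn: cn=monitoring,ou=Groups,dc=foo,dc=local
objectClass: groupOfNames
member: cn=John Deer,ou=People,dc=foo,dc=local
"""
PEOPLE_BASE = "ou=people,dc=foo,dc=local"   # search_base_dns from the post
GROUPS_BASE = "ou=groups,dc=foo,dc=local"   # assumption: parent of group_dn

def parse_ldif(text):
    """Parse simple LDIF (no line folding, no base64) into {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            attr, value = line.split(": ", 1)
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def norm_dn(dn):
    """Case-insensitive DN form; enough for DNs without escaped commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def under(dn, base):
    return norm_dn(dn) == norm_dn(base) or norm_dn(dn).endswith("," + norm_dn(base))

def find_user_dn(entries, base, uid):
    """Step 1: model of the (uid=%s) search below the people base."""
    for e in entries:
        if under(e["dn"][0], base) and uid in e.get("uid", []):
            return e["dn"][0]
    return None

def groups_with_member(entries, base, value):
    """Step 2: model of (&(objectClass=groupOfNames)(member=<value>)) below the groups base."""
    return [e["dn"][0] for e in entries
            if under(e["dn"][0], base)
            and any(c.lower() == "groupofnames" for c in e.get("objectclass", []))
            and norm_dn(value) in map(norm_dn, e.get("member", []))]

def resolve_groups(entries, uid, by_dn=True):
    """Return the group DNs for a login name, matching members by DN or by raw uid."""
    user_dn = find_user_dn(entries, PEOPLE_BASE, uid)
    if user_dn is None:
        return []
    return groups_with_member(entries, GROUPS_BASE, user_dn if by_dn else uid)
```

The DN returned for the group differs from the configured `group_dn` only in the case of `ou=Groups`, which `norm_dn` treats as equal.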