I have integrated my LDAP with Grafana for Authentication.
I have defined and mapped the ldap groups in ldap.toml file but I am getting mapped to viewer group by default.
Below is my settings in the file
## Group search filter, to retrieve the groups of which the user is a member (only set if memberOf attribute is not available) group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))" ## An array of the base DNs to search through for groups. Typically uses ou=groups group_search_base_dns = ["ou=Groups,dc=example,dc=com"] # Specify names of the ldap attributes your ldap uses [servers.attributes] name = "givenName" surname = "sn" username = "cn" member_of = "cn" email = "email" # Map ldap groups to grafana org roles [[servers.group_mappings]] group_dn = "admin" org_role = "Admin" # The Grafana organization database id, optional, if left out the default org (id 1) will be used # org_id = 1 [[servers.group_mappings]] group_dn = "developer" org_role = "Editor" [[servers.group_mappings]] # If you want to match all (or no ldap groups) then you can use wildcard group_dn = "*" org_role = "Viewer"
Logs : -
t=2018-05-18T02:27:51+0000 lvl=info msg="Searching for user's groups" logger=ldap filter="(&(objectClass=posixGroup)(memberUid=test))"
Any help ?