Using ldap authorisation, configuration I am following the official recommended configuration, but currently I can’t get normal administrator permissions (ldap group exists and users are included in it)
# Ldap server host (specify multiple hosts space separated)
host = "172.16.0.1"
port = 389
bind_dn = "cn=Manager, dc=test, dc=com"
bind_password = 'test123'
use_ssl = false
# Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS)
start_tls = false
# set to true if you want to skip ssl cert validation
ssl_skip_verify = false
search_filter = "(cn=%s)"
search_base_dns = ["dc=test,dc=com"]
group_search_filter = "(&(objectClass=groupOfUniqueNames)(uniqueMember=%s))"
group_search_base_dns = ["ou=groups,dc=test,dc=com"]
group_search_filter_user_attribute = "uid"
[[servers.group_mappings]]
group_dn = "cn=grafana-admin,ou=groups,dc=test,dc=com"
org_role = "Admin"
[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"
[servers.attributes]
name = "givenName"
surname = "sn"
username = "cn"
member_of = "memberOf"
email = "email"
With the above configuration enabled, the corresponding user should have administrator rights, but after testing, it only has view rights.
I made some changes to the configuration
[[servers.group_mappings]]
group_dn = "*"
org_role = "Admin"
Grafana: Version 10.2.3
OS: ubuntu 18.04.4
Browser: chrom 120.0.6099.216