LDAP - empty record in user table for service accout

Hi All,

We are using LDAP for authentication which works fine for ordinary users but behaves weird for service accounts in grafana 5 and 6.

Configuration is following - ldap.toml:

search_filter = "(|(uid=%s)(krbprincipalname=%s))"
search_base_dns = ["cn=services,cn=accounts,dc=int,dc=com", "cn=users,cn=accounts,dc=int,dc=com"]

[servers.attributes]
name = "displayName"
surname = "sn"
username = "uid"
member_of = "memberOf"
email =  "mail"

If an ordinary user login to Grafana a following records are created in sqlite db:

sqlite> select * from user where id=26;
26|0|ordinary.user|ordinary.user@int.com|Ordinary User|xxx|1|0|0||2019-03-11 12:14:25|2019-03-11 12:14:25|0|2019-03-11 12:14:30
sqlite> select  * from  user_auth where user_id=26;
24|26|ldap|uid=ordinary.user,cn=users,cn=accounts,dc=int,dc=com|2019-03-11 12:14:25

That’s fine and everything works as expected.

The problem is when a service account (HTTP/jenkins-slave09.int.com@INT.COM) is used.
An empty record is created in table users:

sqlite> select * from user where id=27;
27|0||| ||yyy||1|0|0||2019-03-11 13:22:07|2019-03-11 13:22:07|0|2019-03-11 16:29:35
sqlite> select  * from  user_auth where user_id=27;
25|27|ldap|krbprincipalname=HTTP/jenkins-slave09.int.com@INT.COM,cn=services,cn=accounts,dc=int,dc=com|2019-03-11 13:22:07

In UI it looks like picture bellow:

Services account have no attributes username and email so I basically understand why an empty record is created but in version 4.x it created user HTTP/jenkins-slave09.int.com@INT.COM with email HTTP/jenkins-slave09.int.com@INT.COM in table user.

So my questions are:
Is that bug or feature in grafana 5 and 6?
Or maybe better could I somehow achieve behaviour seen in version 4?

Best regards,
Vladimir

More details in: Grafana GitHub issue