Hello Team,
We have installed Grafana-Loki using Helm Chart (version 2.10.1), and it works fine.
While upgrading the chart to implement LDAP authentication, by updating values as below, it gives an error. Can you please help triage this error?
grafana:
enabled: true
logLevel: debug
adminPassword: <REDACTED> # Change this to a secure password
ldap:
enabled: true
existingSecret: grafana-ldap
Hello @barkathm i would love to help you solve youre LDAP issues.
We will need a little more information however.
Can you provide a slightly sanitized version of youre existing secret? i will spin up a test instance of grafana in my kubernetes cluster that uses LDAP rather than OAuth2 for authentication.
From looking at the logs you have posted however it seems like it might be a simple authentication issue against the domain.
Thank you, @briangates, for extending your support to look into these issues.
Below is the ldap-config using which a secret (grafana-ldap) has been created:
[log]
filters = ldap:debug
[[servers]]
host = "test.div.com"
port = 636
use_ssl = true
start_tls = false
ssl_skip_verify = true
bind_dn = "cn=ldapuser,ou=Users,ou=PTL,ou=Divisions,dc=test,dc=div,dc=com"
bind_password = "REDACTED"
timeout = 10
# User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
# Allow login from email or username, example "(|(sAMAccountName=%s)(userPrincipalName=%s))"
search_filter = ""
# An array of base dns to search through
search_base_dns = ["ou=Users,ou=PTL,ou=Divisions,dc=test,dc=div,dc=com"]
# Specify names of the LDAP attributes your LDAP uses
[servers.attributes]
name = "displayName"
email = "mail"
username = "sAMAccountName"
member_of = "member"