API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Feb 25th, 2019
134
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.51 KB | None | 0 0
raw download clone embed print report
  1. # To troubleshoot and get more log info enable ldap debug logging in grafana.ini
  2. # [log]
  3. # filters = ldap:debug
  4.  
  5. [[servers]]
  6. # Ldap server host (specify multiple hosts space separated)
  7. host = "bso-ad1.carinae.group"
  8. # Default port is 389 or 636 if use_ssl = true
  9. port = 389
  10. # Set to true if ldap server supports TLS
  11. use_ssl = false
  12. # Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS)
  13. start_tls = false
  14. # set to true if you want to skip ssl cert validation
  15. ssl_skip_verify = false
  16. # set to the path to your root CA certificate or leave unset to use system defaults
  17. # root_ca_cert = "/path/to/certificate.crt"
  18. # Authentication against LDAP servers requiring client certificates
  19. # client_cert = "/path/to/client.crt"
  20. # client_key = "/path/to/client.key"
  21.  
  22. # Search user bind dn
  23. bind_dn = "readad@carinae.group"
  24. # Search user bind password
  25. # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
  26. bind_password = 'HVNpY4Qw'
  27.  
  28. # User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
  29. search_filter = "(sAMAccountName=%s)"
  30.  
  31. # An array of base dns to search through
  32. search_base_dns = ["DC=carinae,DC=group"]
  33.  
  34. ## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
  35. ## Please check grafana LDAP docs for examples
  36. # group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
  37. # group_search_base_dns = ["ou=groups,dc=grafana,dc=org"]
  38. # group_search_filter_user_attribute = "uid"
  39.  
  40. # Specify names of the ldap attributes your ldap uses
  41. [servers.attributes]
  42. name = "givenName"
  43. surname = "sn"
  44. username = "cn"
  45. member_of = "memberOf"
  46. email = "email"
  47.  
  48. # Map ldap groups to grafana org roles
  49. [[servers.group_mappings]]
  50. group_dn = "CN=SECURITY_ADMIN_CYMPA,OU=SECURITY,OU=GROUPS,OU=BSO,DC=carinae,DC=group"
  51. org_role = "Admin"
  52. # To make user an instance admin (Grafana Admin) uncomment line below
  53. grafana_admin = true
  54. # The Grafana organization database id, optional, if left out the default org (id 1) will be used
  55. # org_id = 1
  56.  
  57. #[[servers.group_mappings]]
  58. #group_dn = "cn=users,dc=grafana,dc=org"
  59. #org_role = "Editor"
  60.  
  61. [[servers.group_mappings]]
  62. # If you want to match all (or no ldap groups) then you can use wildcard
  63. #group_dn = "OU=BSO,DC=carinae,DC=group"
  64. #group_dn = "CN=MAIL_LIST_BSO_INTERNAL_ALL,OU=DISTRIBUTION,OU=GROUPS,OU=BSO,DC=carinae,DC=group"
  65. group_dn = "OU=USERS,OU=BSO,DC=carinae,DC=group"
  66. org_role = "Viewer"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!