API tools faq
paste
Guest User

Untitled

a guest
Nov 1st, 2018
136
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.38 KB | None | 0 0
raw download clone embed print report
  1. # Ldap server host (specify multiple hosts space separated)
  2. host = "10.10.10.254"
  3. # Default port is 389 or 636 if use_ssl = true
  4. port = 389
  5. # Set to true if ldap server supports TLS
  6. use_ssl = false
  7. # Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS)
  8. start_tls = false
  9. # set to true if you want to skip ssl cert validation
  10. ssl_skip_verify = false
  11. # set to the path to your root CA certificate or leave unset to use system defaults
  12. # root_ca_cert = "/path/to/certificate.crt"
  13. # Authentication against LDAP servers requiring client certificates
  14. # client_cert = "/path/to/client.crt"
  15. # client_key = "/path/to/client.key"
  16.  
  17. # Search user bind dn
  18. bind_dn = "CN=ldap,OU=AdminDOMAIN,DC=test,DC=local"
  19. # Search user bind password
  20. # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
  21. bind_password = 'password_account'
  22.  
  23. # User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
  24. search_filter = "(cn=%s)"
  25.  
  26. # An array of base dns to search through
  27. search_base_dns = ["OU=Collaborators,dc=test,dc=local"]
  28. #search_base_dns = ["dc=test,dc=local"]
  29.  
  30. ## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
  31. ## Please check grafana LDAP docs for examples
  32. # group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
  33. # group_search_base_dns = ["ou=groups,dc=grafana,dc=org"]
  34. # group_search_filter_user_attribute = "uid"
  35.  
  36. # Specify names of the ldap attributes your ldap uses
  37. [servers.attributes]
  38. name = "givenName"
  39. surname = "sn"
  40. username = "cn"
  41. member_of = "memberOf"
  42. email = "email"
  43.  
  44. # Map ldap groups to grafana org roles
  45. [[servers.group_mappings]]
  46. group_dn = "cn=DomainsAdmins,dc=test,dc=local"
  47. org_role = "Admin"
  48. # To make user an instance admin (Grafana Admin) uncomment line below
  49. # grafana_admin = true
  50. # The Grafana organization database id, optional, if left out the default org (id 1) will be used
  51. # org_id = 1
  52.  
  53. [[servers.group_mappings]]
  54. #group_dn = "cn=UsersDomains,dc=test,dc=local"
  55. #org_role = "Editor"
  56.  
  57. [[servers.group_mappings]]
  58. # If you want to match all (or no ldap groups) then you can use wildcard
  59. group_dn = "cn=JenkinsDevops,dc=test,dc=local"
  60. org_role = "Viwer"
  61.  
  62. #################################### Auth LDAP ##########################
  63. [auth.ldap]
  64. enabled = true
  65. config_file = /etc/grafana/ldap.toml
  66. allow_sign_up = true
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!