官方文档:https://grafana.com/docs/grafana/latest/auth/ldap/#configuration-examples
1.开启LDAP配置项
为了使用LDAP集成,您首先需要在主配置文件中(默认:/etc/grafana/grafana.ini)启用LDAP,并指定特定于LDAP的配置文件的路径(默认:/etc/grafana/ldap.toml)。
[auth.ldap]
# Set to `true` to enable LDAP integration (default: `false`)
enabled = true
# Path to the LDAP specific configuration file (default: `/etc/grafana/ldap.toml`)
config_file = /etc/grafana/ldap.toml
# Allow sign up should almost always be true (default) to allow new Grafana users to be created (if LDAP authentication is ok). If set to
# false only pre-existing Grafana users will be able to login (if LDAP authentication is ok).
allow_sign_up = true
2.Grafana LDAP配置
根据您正在使用的LDAP服务器及其配置方式,您的Grafana LDAP配置可能会有所不同。有关更多信息,请参见配置示例。
[[servers]]
host = "10.0.0.2"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "cn=admin,dc=grafana,dc=org"
bind_password = 'grafana'
search_filter = "(cn=%s)"
search_base_dns = ["ou=users,dc=grafana,dc=org"]
[servers.attributes]
member_of = "memberOf"
email = "email"
[[servers.group_mappings]]
group_dn = "cn=editors,ou=groups,dc=grafana,dc=org"
org_role = "Editor"
[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"
3.配置完成后
访问grafana设置会出现LDAP标签 用创建的用户可以测试是否可以登录