Grafana配置LDAP认证

*爱你&永不变心* 提交于 2020-08-16 14:17:40

Grafana从2.1开始支持LDAP集成LDAP的统一用户登录认证。默认是LDAP是未启用,需手动更改配置使之能支持LDAP。在参考官方文档Grafana LDAP Authentication进行配置。

  1. Grafana主配置文件grafana.ini中开启LDAP认证
    vim /etc/grafana/grafana.ini
    [auth.ldap]
    enabled = true
    config_file = /etc/grafana/ldap.toml
    allow_sign_up = true

  2. LDAP配置/ldap.toml
    [[servers]]
    host = "10.10.10.10"
    port = 389
    use_ssl = false
    start_tls = false
    ssl_skip_verify = false
    bind_dn = "cn=ldapadmin,cn=Users,dc=hi,dc=local"
    bind_password = 'xxxxxx'
    search_filter = "(cn=%s)"
    search_base_dns = ["dc=hi,dc=local"]
    [servers.attributes]
    name = "givenName"
    surname = "sn"
    username = "cn"
    member_of = "memberOf"
    email =  "email"
    [[servers.group_mappings]]
    group_dn = "cn=admins,dc=grafana,dc=org"
    org_role = "Admin"
    [[servers.group_mappings]]
    group_dn = "cn=users,dc=grafana,dc=org"
    org_role = "Editor"
    [[servers.group_mappings]]
    group_dn = "*"
    org_role = "Viewer"
  3. 查看LDAP连接
    如果ldap.toml配置正确无误,Grafana可在Server Admin查看LDAP连接情况和测试用户映射。但仅限admin管理员操作。
    Grafana配置LDAP认证

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!