grafanaConnect to the local domain controller

编辑grafana.ini配置

修改下方auth.ldap配置

[auth.ldap]
enabled = true
config_file = /etc/grafana/ldap.toml
allow_sign_up = true

编辑ldap.toml

host：It is designated for youldap服务器,可以指定多个,需要分隔符.

port：你的ldapThe port on which the server is listening.

bind_dn: you need specificou的管理员账号,I'm using Domain Manager here.

bind_password: 上面账号的密码.

search_filter:  Filter expression for user search,配合search_base_dns.

search_base_dns: 用户搜索的范围,这里在people这个ouSearch all users inside,需要配合search_filterto complete user filtering.

group_search_filter: Filter expression for group search,配合group_search_base_dns.

group_search_base_dns: Specifies the scope of the group search,我们的grafana这个ou里面设置了3个组.

servers.attributes: This is mainly for the user to obtain a specific extracted user entry with a specific field of extraction, usernameTake the specific field value from the queried user information asgrafana的用户名, 

                              member_of 代表,根据group_search_base_dns和group_search_filter After getting a specific group,Take that field as the group name. The obtained result needs to be consistent with the following mapping.

                              emailRepresents a specific usermail字段作为grafana用户的email信息.

servers_group_mappings: This is for definitionldap用户组和grafanaMapping of role groups, 上面member_of ,group_search_base_dns和group_search_filter These three conditions can be obtainedldap的组名,This must be consistent with the three conditions obtained.

重启服务

systemctl restart grafana-server