Hi,
Iam using Grafana 6.4 and unable to see datasources tab on grafana UI when logged in as admin ldap user.
When i login as default admin/admin i can see the datasources tab.
Iam using grafana 6.4 version. Below are the changes configured.
- enabled apache auth proxy on grafana and integrated with LDAP.
- Enabled datasources provisioning on grafana.
Please see below configs.
[alerting]
enabled = false
execute_alerts = false
[analytics]
check_for_updates = true
[auth.anonymous]
enabled = false
[auth.basic]
enabled = true
[auth]
signout_redirect_url = https://padm.test.com
[auth.proxy]
auto_sign_up = true
enable_login_token = true
enabled = true
header_name = X-WEBAUTH-USER
header_property = username
[auth.ldap]
allow_sign_up = true
config_file = /etc/grafana/ldap.toml
enabled = true
[dashboards.json]
enabled = false
path = /var/lib/grafana/dashboards
[emails]
welcome_email_on_sign_up = false
[grafana_com]
url = https://grafana.com
[grafana_net]
url = https://grafana.net
[log]
filters = ldap:debug
level = debug
mode = console
[log.console]
format = console
level = info
[metrics]
enabled = true
interval_seconds = 10
[paths]
data = /var/lib/grafana/data
logs = /var/log/grafana
plugins = /var/lib/grafana/plugins
provisioning = /etc/grafana/provisioning
[security]
disable_gravatar = false
[server]
root_url = %(protocol)s://%(domain)s:%(http_port)s/grafana
[smtp]
enabled = true
from_address = grafana-sre@test.com
from_name = SREGrafana
host = mailhost.core.test.com:25
[users]
allow_org_create = false
allow_sign_up = false
viewers_can_edit = true
Ldap.toml:
verbose_logging = true
[[servers]]
host = "ldap1.test.com ldap2.test.com"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "uid=searchuser,OU=people,O=test.com,DC=test,DC=com"
bind_password = "searchme"
search_filter = "(uid=%s)"
search_base_dns = ["OU=people,O=test.com,DC=test,DC=com"]
group_search_base_dns = ["ou=group,o=test.com,dc=test,dc=com"]
group_search_filter = "(&(objectclass=groupOfUniqueNames)(|(uniquemember=uid=%s,*)(expandedmember=uid=%s,*)))"
[servers.attributes]
name = "givenName"
surname = "sn"
username = "uid"
member_of = "cn"
email = "mail"
[[servers.group_mappings]]
group_dn = "*"
org_role = "Viewer"
[[servers.group_mappings]]
group_dn = "sreops"
org_role = "Admin"
!