I want to map LDAP users to a Grafana organization using Grafana group mappings, but it does not work properly.
Please provide help to resolve this issue.
grafana log
t=2019-07-10T16:03:41+0900 lvl=info msg="Ldap enabled, reading config file" logger=ldap file=/etc/grafana/ldap.toml
t=2019-07-10T16:03:41+0900 lvl=dbug msg="Ldap Search For User Request" logger=ldap info="(ldap.SearchRequest) {\n BaseDN: (string) (len=17) "dc=grafana,dc=org",\n Scope: (int) 2,\n DerefAliases: (int) 0,\n SizeLimit: (int) 0,\n TimeLimit: (int) 0,\n TypesOnly: (bool) false,\n Filter: (string) (len=16) "(cn=ldapuser1-1)",\n Attributes: (string) (len=5 cap=8) {\n (string) (len=2) "cn",\n (string) (len=2) "sn",\n (string) (len=5) "email",\n (string) (len=9) "givenName",\n (string) (len=8) "memberOf"\n },\n Controls: (ldap.Control) \n}\n"
t=2019-07-10T16:03:41+0900 lvl=dbug msg="Ldap User found" logger=ldap info="(*ldap.UserInfo)(0xc0005a9180)({\n DN: (string) (len=59) "cn=ldapuser1-1,cn=organization1,ou=groups,dc=grafana,dc=org",\n FirstName: (string) (len=11) "ldapuser1-1",\n LastName: (string) (len=11) "ldapuser1-1",\n Username: (string) (len=11) "ldapuser1-1",\n Email: (string) "",\n MemberOf: (string) {\n }\n})\n"
t=2019-07-10T16:03:41+0900 lvl=info msg="Ldap Auth: user does not belong in any of the specified ldap groups" logger=ldap username=ldapuser1-1 groups=
t=2019-07-10T16:03:41+0900 lvl=eror msg="Error while trying to authenticate user" logger=context userId=0 orgId=0 uname= error="Invalid Username or Password"
t=2019-07-10T16:03:41+0900 lvl=eror msg="Request Completed" logger=context userId=0 orgId=0 uname= method=POST path=/login status=500 remote_addr=192.168.54.196 time_ms=16 size=53 referer=http://192.168.247.195:3000/login
Where is the missing setting?
The settings are below.
openldap
dn: dc=grafana,dc=org
objectClass: dcObject
objectClass: organization
o: myorganization
dc: grafana

dn: cn=admin,dc=grafana,dc=org
objectClass: organizationalRole
cn: admin

dn: ou=groups,dc=grafana,dc=org
objectClass: organizationalUnit
ou: groups

dn: cn=organization1,ou=groups,dc=grafana,dc=org
objectClass: posixGroup
objectClass: top
cn: organization1
gidNumber: 10001

dn: cn=ldapuser1-1,cn=organization1,ou=groups,dc=grafana,dc=org
givenName: ldapuser1-1
sn: ldapuser1-1
cn: ldapuser1-1
uid: ldapuser1-1
userPassword:: e1NTSEF9U0hxTzZTSUVPa2lLSGE3TjRyeXIrdzV1Wk5XOFE1YzE=
uidNumber: 1001
gidNumber: 10001
homeDirectory: /home/organization1/ldapuser1-1
loginShell: /bin/bash
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
grep -v -e "^\s*#" -e "^\s*$" /etc/grafana/ldap.toml
[[servers]]
host = "127.0.0.1"
port = 389
use_ssl = false
start_tls = false
ssl_skip_verify = false
bind_dn = "cn=admin,dc=grafana,dc=org"
bind_password = 'grafana'
search_filter = "(cn=%s)"
search_base_dns = ["dc=grafana,dc=org"]
[servers.attributes]
name = "givenName"
surname = "sn"
username = "cn"
member_of = "memberOf"
email = "email"
[[servers.group_mappings]]
group_dn = "cn=organization1,ou=groups,dc=grafana,dc=org"
org_role = "Editor"
org_id = 2
environment
CentOS Linux release 7.6.1810 (Core)
openldap-servers-2.4.44-21.el7_6.x86_64
grafana-6.2.5-1.x86_64