Hi, I am configuring LDAP on NaBox for our organisation and NaBox only allows me to use pre-set attributes. Is there a way I can customise the LDAP attributes Grafana uses? e.g. Name, Email & Username attributes. This is not showing up as correct with our custom LDAP attributes. I can see Grafana nativley supports this by diving into configuration files however NaBox being an all-in-one appliance is a bit different, does anybody know the path to the same or similar config file?
#Custom LDAP Attributes
hazy flare
raven acorn
@late idol
late idol
Thanks Rahul, I was thinking about it but I don’t think there is an easy way out of this. Of course you can adjust ldap.toml to your liking but it’ll be overwritten on settings change. Those attributes you’re using, are they from some specific directory service ? Or is that totally custom made not based on any standard attributes ?
hazy flare
The attributes are custom attributes from our directory. We do not like to match attributes using email, username or name as these can commonly be repeated and have orphaned values from old accounts or old users.
Instead for all services the anchor or matching attribute must use our UUID which is a 24 character string or privacyemail attribute. Both are randomly generated and these are to be used our anchor attribute
uid > ObjectID (anchor attribute)
email > PrivacyMail
Username > uid
Name > Name
I understand this is quite an advanced question, also the risk for us in having orphaned values or old users is close to 0 as this is for administrators only. However our organisation takes these policies seriously... (very frustrating at times)
I can see the ldap.toml file in /opt/grafana however it is read only
late idol
I understand. You should be able to edit as root though, no ?