More scotch to fix ldap

roles/grafana/templates/ldap.toml.j2

@@ -13,7 +13,7 @@ use_ssl = true
 # Set to true if connect ldap server with STARTTLS pattern (create connection in insecure, then upgrade to secure connection with TLS)
 start_tls = false
 # set to true if you want to skip ssl cert validation
-ssl_skip_verify = false
+ssl_skip_verify = true
 # set to the path to your root CA certificate or leave unset to use system defaults
 # root_ca_cert = "/path/to/certificate.crt"
 # Authentication against LDAP servers requiring client certificates
@@ -21,13 +21,13 @@ ssl_skip_verify = false
 # client_key = "/path/to/client.key"
 
 # Search user bind dn
-bind_dn = "{{ grafana.ldap_bind_dn }}"
+bind_dn = "uid=%s,{{ ldap_user_tree }}"
 # Search user bind password
 # If the password contains # or ; you have to wrap it with triple quotes. Ex """#password;"""
-bind_password = '{{ grafana.ldap_passwd }}'
+#bind_password = ''
 
 # User search filter, for example "(cn=%s)" or "(sAMAccountName=%s)" or "(uid=%s)"
-search_filter = "(cn=%s)"
+search_filter = "(uid=%s)"
 
 # An array of base dns to search through
 search_base_dns = ["{{ ldap_user_tree }}"]
@@ -35,15 +35,14 @@ search_base_dns = ["{{ ldap_user_tree }}"]
 ## For Posix or LDAP setups that does not support member_of attribute you can define the below settings
 ## Please check grafana LDAP docs for examples
 group_search_filter = "(&(objectClass=posixGroup)(memberUid=%s))"
-group_search_base_dns = ["ou=posix,ou=groups,{{ ldap_base }}"]
+group_search_base_dns = ["ou=group,{{ ldap_base }}"]
 group_search_filter_user_attribute = "cn"
 
 # Specify names of the ldap attributes your ldap uses
 [servers.attributes]
-name = "sn"
-surname = ""
-username = "cn"
-member_of = "dn"
+name = "givenName"
+surname = "sn"
+username = "uid"
 email =  "mail"
 
 # All LDAP members can edit