Feature: introduce LdapActiveSyncEnabled setting (#16787)

* Feature: introduce LdapActiveSyncEnabled setting

We probably remove it after the active sync is done.
But at the moment we do not want to affect the current users
with not fully tested feature

* Chore: move settings in more logical order

conf/defaults.ini

@@ -362,10 +362,10 @@ headers =
 enabled = false
 config_file = /etc/grafana/ldap.toml
 allow_sign_up = true
-sync_cron = @hourly
 
 # LDAP backround sync (Enterprise only)
 sync_cron = @hourly
+active_sync_enabled = false
 
 #################################### SMTP / Emailing #####################
 [smtp]

pkg/setting/setting.go

@@ -167,7 +167,8 @@ var (
 	LdapEnabled           bool
 	LdapConfigFile        string
 	LdapSyncCron          string
-	LdapAllowSignup = true
+	LdapAllowSignup       bool
+	LdapActiveSyncEnabled bool
 
 	// QUOTA
 	Quota QuotaSettings
@@ -971,10 +972,11 @@ type RemoteCacheOptions struct {
 
 func (cfg *Cfg) readLDAPConfig() {
 	ldapSec := cfg.Raw.Section("auth.ldap")
-	LdapEnabled = ldapSec.Key("enabled").MustBool(false)
 	LdapConfigFile = ldapSec.Key("config_file").String()
-	LdapAllowSignup = ldapSec.Key("allow_sign_up").MustBool(true)
 	LdapSyncCron = ldapSec.Key("sync_cron").String()
+	LdapEnabled = ldapSec.Key("enabled").MustBool(false)
+	LdapActiveSyncEnabled = ldapSec.Key("active_sync_enabled").MustBool(false)
+	LdapAllowSignup = ldapSec.Key("allow_sign_up").MustBool(true)
 }
 
 func (cfg *Cfg) readSessionConfig() {