Devenv: OpenLDAP-Mac improvements (#60229)

* Use groupOfUniqueNames and uniqueMember * Update README.md
2025-02-25 18:55:37 -06:00 · 2022-12-13 18:20:37 +01:00 · 2022-12-13 18:20:37 +01:00 · 7bb5200cc2
commit 7bb5200cc2
parent 58a41af3f3
4 changed files with 15 additions and 49 deletions
--- a/devenv/docker/blocks/auth/openldap-mac/README.md
+++ b/devenv/docker/blocks/auth/openldap-mac/README.md
@ -25,10 +25,10 @@ The following changes are needed at Grafana's configuration file.
 ```ini
 [auth.ldap]
 enabled = true
-config_file = conf/ldap_dev.toml
+config_file = conf/ldap.toml
 ```
-The configuration between Grafana and the OpenLDAP container is configured at [./conf/ldap.toml](../../../../conf/ldap.toml).
+The default configuration between Grafana and the OpenLDAP container is configured at [../../../../../conf/ldap.toml](../../../../../conf/ldap.toml).
 ## Available users and groups
--- a/devenv/docker/blocks/auth/openldap-mac/docker-compose.yaml
+++ b/devenv/docker/blocks/auth/openldap-mac/docker-compose.yaml
@ -12,4 +12,3 @@
    restart: unless-stopped
    volumes:
      - ./docker/blocks/auth/openldap-mac/prepopulate/:/tmp/smt/
      - ./docker/blocks/auth/openldap-mac/modules/:/tmp/smt/
--- a/devenv/docker/blocks/auth/openldap-mac/modules/memberof.ldif
+++ b/devenv/docker/blocks/auth/openldap-mac/modules/memberof.ldif
@ -1,33 +0,0 @@
 dn: cn=module,cn=config
 cn: module
 objectClass: olcModuleList
 objectClass: top
 olcModulePath: /usr/lib/ldap
 olcModuleLoad: memberof.la
 dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
 objectClass: olcConfig
 objectClass: olcMemberOf
 objectClass: olcOverlayConfig
 objectClass: top
 olcOverlay: memberof
 olcMemberOfDangling: ignore
 olcMemberOfRefInt: TRUE
 olcMemberOfGroupOC: groupOfNames
 olcMemberOfMemberAD: member
 olcMemberOfMemberOfAD: memberOf
 dn: cn=module,cn=config
 cn: module
 objectClass: olcModuleList
 objectClass: top
 olcModulePath: /usr/lib/ldap
 olcModuleLoad: refint.la
 dn: olcOverlay={1}refint,olcDatabase={1}hdb,cn=config
 objectClass: olcConfig
 objectClass: olcOverlayConfig
 objectClass: olcRefintConfig
 objectClass: top
 olcOverlay: {1}refint
 olcRefintAttribute: memberof member manager owner
--- a/devenv/docker/blocks/auth/openldap-mac/prepopulate/3_groups.ldif
+++ b/devenv/docker/blocks/auth/openldap-mac/prepopulate/3_groups.ldif
@ -1,28 +1,28 @@
 dn: cn=admins,ou=groups,dc=grafana,dc=org
 cn: admins
-objectClass: groupOfNames
+objectClass: groupOfUniqueNames
 objectClass: top
-member: cn=ldap-admin,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-admin,ou=users,dc=grafana,dc=org
-member: cn=ldap-torkel,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-torkel,ou=users,dc=grafana,dc=org
 dn: cn=editors,ou=groups,dc=grafana,dc=org
 cn: editors
-objectClass: groupOfNames
+objectClass: groupOfUniqueNames
-member: cn=ldap-editor,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-editor,ou=users,dc=grafana,dc=org
 dn: cn=backend,ou=groups,dc=grafana,dc=org
 cn: backend
-objectClass: groupOfNames
+objectClass: groupOfUniqueNames
-member: cn=ldap-carl,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-carl,ou=users,dc=grafana,dc=org
-member: cn=ldap-leo,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-leo,ou=users,dc=grafana,dc=org
-member: cn=ldap-torkel,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-torkel,ou=users,dc=grafana,dc=org
 dn: cn=frontend,ou=groups,dc=grafana,dc=org
 cn: frontend
-objectClass: groupOfNames
+objectClass: groupOfUniqueNames
-member: cn=ldap-torkel,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-torkel,ou=users,dc=grafana,dc=org
-member: cn=ldap-daniel,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-daniel,ou=users,dc=grafana,dc=org
-member: cn=ldap-leo,ou=users,dc=grafana,dc=org
+uniqueMember: cn=ldap-leo,ou=users,dc=grafana,dc=org
 # -- POSIX --