# this is an example config for the ergo-ldap plugin.
# consult the grafana docs for details on how to configure this:
# https://grafana.com/docs/grafana/latest/auth/ldap/
# XXX: where grafana uses underscores in key names, we use hyphens

# example configuration that works with Forum Systems's testing server:
# https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
host: "ldap://127.0.0.1"
port: 389
timeout: 30s
# uncomment for TLS:
# use-ssl: true

# example "single-bind" configuration, where we bind directly to the user's entry:
bind-dn: "ou=users,dc=yunohost,dc=org"

# example "admin bind" configuration, where we bind to an initial admin user,
# then search for the user's entry with a search filter:
#search-base-dns:
#    - "dc=example,dc=com"
#bind-dn: "cn=read-only-admin,dc=example,dc=com"
#bind-password: "password"
#search-filter: "(uid=%s)"

# example of requiring that users be in a particular group
# (note that this is an OR over the listed groups, not an AND):
#require-groups:
#    - "ou=mathematicians,dc=example,dc=com"
#group-search-filter-user-attribute: "dn"
#group-search-filter: "(uniqueMember=%s)"
#group-search-base-dns:
#    - "dc=example,dc=com"

# example of group membership testing via user attributes, as in AD
# or with OpenLDAP's "memberOf overlay" (overrides group-search-filter):
#     attributes:
#         member-of: "memberOf"