The ldap -> grafana user sync has started failing, on digging the error is a 403:
DEBUG:urllib3.connectionpool:http://localhost:3000 "PUT /api/users/742 HTTP/1.1" 403 82 {"message":"User info cannot be updated for external Users"} Traceback (most recent call last): File "./grafana-ldap-users-sync", line 316, in <module> sys.exit(main()) File "./grafana-ldap-users-sync", line 300, in main syncer.sync_ldap_users(ldap_uids, role) File "./grafana-ldap-users-sync", line 183, in sync_ldap_users grafana_uid = self._update_user(user, name, email)["id"] File "./grafana-ldap-users-sync", line 142, in _update_user r.raise_for_status() File "/usr/lib/python3/dist-packages/requests/models.py", line 940, in raise_for_status raise HTTPError(http_error_msg, response=self) requests.exceptions.HTTPError: 403 Client Error: Forbidden for url: http://localhost:3000/api/users/742
Via the error message I tracked down the change to the following commit: https://github.com/grafana/grafana/pull/58449/files
And indeed even from the admin UI users are shown as 'synced via oauth', which is not the case. I don't know the full context yet of the authentication change (to be investigated)