diff --git a/files/gitlab-ldap-sync.py b/files/gitlab-ldap-sync.py
index 943a6d7ae0acfb82803680461b39596ef62b92da..1e3539121feb69242450c4eb9f42f6e0b941b65c 100644
--- a/files/gitlab-ldap-sync.py
+++ b/files/gitlab-ldap-sync.py
@@ -106,7 +106,7 @@ def sync_group_members(gl, group, member_dns, ldap_provider='ldapmain', dry_run=
 	existing_member_dns = []
 	logging.debug('Checking current Gitlab group members')
 	members = group.members.list(all=True)
-	owner_count = len([member for member in members if member.access_level == gitlab.OWNER_ACCESS])
+	owner_count = len([member for member in members if member.access_level == gitlab.const.OWNER_ACCESS])
 	logging.debug('Group has %d owners', owner_count)
 	for member in members:
 		user = gl.users.get(member.id)
@@ -120,9 +120,9 @@ def sync_group_members(gl, group, member_dns, ldap_provider='ldapmain', dry_run=
 			logging.info('Removing user %s from group %s', dn, group.full_path)
 			if not dry_run:
 				member.delete()
-		elif member.access_level != gitlab.MASTER_ACCESS:
+		elif member.access_level != gitlab.const.MAINTAINER_ACCESS:
 			# We cannot change the access level of the last owner of a top-level group
-			if member.access_level == gitlab.OWNER_ACCESS:
+			if member.access_level == gitlab.const.OWNER_ACCESS:
 				if owner_count == 1 and not group.parent_id:
 					logging.info('Not updating access level of %s in group %s, because it is the last owner', dn, group.full_path)
 					continue
@@ -130,7 +130,7 @@ def sync_group_members(gl, group, member_dns, ldap_provider='ldapmain', dry_run=
 			logging.info('Updating access level of %s in group %s', dn, group.full_path)
 			try:
 				if not dry_run:
-					member.access_level = gitlab.MASTER_ACCESS
+					member.access_level = gitlab.const.MAINTAINER_ACCESS
 					member.save()
 			except gitlab.exceptions.GitlabUpdateError as e:
 				logging.exception('Access level update of %s in group %s failed', dn, group.full_path)
@@ -144,7 +144,7 @@ def sync_group_members(gl, group, member_dns, ldap_provider='ldapmain', dry_run=
 			continue
 		try:
 			if not dry_run:
-				group.members.create({'user_id': user.id, 'access_level': gitlab.MASTER_ACCESS})
+				group.members.create({'user_id': user.id, 'access_level': gitlab.const.MAINTAINER_ACCESS})
 		except gitlab.exceptions.GitlabCreateError as e:
 			if e.response_code == 500:
 				logging.info('Adding user %s to group %s failed with Internal Server Error', dn, group.full_path)
diff --git a/templates/gitlab.rb.j2 b/templates/gitlab.rb.j2
index 39e642bfeee606d1236bd4abc9085a0ac3b96e89..ee29fab6578330d36db99bbae712f486cdec8461 100644
--- a/templates/gitlab.rb.j2
+++ b/templates/gitlab.rb.j2
@@ -1783,68 +1783,6 @@ registry_nginx['enable'] = false
 # To completely disable prometheus, and all of it's exporters, set to false
 # prometheus_monitoring['enable'] = true
 
-################################################################################
-## Grafana Dashboards
-##! Docs: https://docs.gitlab.com/ee/administration/monitoring/prometheus/#prometheus-as-a-grafana-data-source
-################################################################################
-
-grafana['enable'] = false
-# grafana['log_directory'] = '/var/log/gitlab/grafana'
-# grafana['home'] = '/var/opt/gitlab/grafana'
-# grafana['admin_password'] = 'admin'
-# grafana['allow_user_sign_up'] = false
-# grafana['basic_auth_enabled'] = false
-# grafana['disable_login_form'] = true
-# grafana['gitlab_application_id'] = 'GITLAB_APPLICATION_ID'
-# grafana['gitlab_secret'] = 'GITLAB_SECRET'
-# grafana['env_directory'] = '/opt/gitlab/etc/grafana/env'
-# grafana['allowed_groups'] = []
-# grafana['gitlab_auth_sign_up'] = true
-# grafana['env'] = {
-#   'SSL_CERT_DIR' => "#{node['package']['install-dir']}/embedded/ssl/certs/"
-# }
-# grafana['metrics_enabled'] = false
-# grafana['metrics_basic_auth_username'] = 'grafana_metrics' # default: nil
-# grafana['metrics_basic_auth_password'] = 'please_set_a_unique_password' # default: nil
-
-### Dashboards
-#
-# See: http://docs.grafana.org/administration/provisioning/#dashboards
-#
-# NOTE: Setting this will override the default.
-#
-# grafana['dashboards'] = [
-#   {
-#     'name' => 'GitLab Omnibus',
-#     'orgId' => 1,
-#     'folder' => 'GitLab Omnibus',
-#     'type' => 'file',
-#     'disableDeletion' => true,
-#     'updateIntervalSeconds' => 600,
-#     'options' => {
-#       'path' => '/opt/gitlab/embedded/service/grafana-dashboards',
-#     }
-#   }
-# ]
-
-### Datasources
-#
-# See: http://docs.grafana.org/administration/provisioning/#example-datasource-config-file
-#
-# NOTE: Setting this will override the default.
-#
-# grafana['datasources'] = [
-#   {
-#     'name' => 'GitLab Omnibus',
-#     'type' => 'prometheus',
-#     'access' => 'proxy',
-#     'url' => 'http://localhost:9090'
-#   }
-# ]
-
-##! Advanced settings. Should be changed only if absolutely needed.
-# grafana['http_addr'] = 'localhost'
-# grafana['http_port'] = 3000
 
 ################################################################################
 ## Gitaly