fessConfig.getLdapAdminSecurityCredentials());
    }

    /**
     * Updates the LDAP configuration.
     */
    public void updateConfig() {
        isBind = false;
    }

    /**
     * Validates the LDAP connection.
     *
     * @return True if the LDAP connection is valid, otherwise false.
     */
    protected boolean validate() {
        if (!isBind) {

ldap.role.search.role.enabled=true

# LDAP attribute for surname.
ldap.attr.surname=sn
# LDAP attribute for given name.
ldap.attr.givenName=givenName
# LDAP attribute for employee number.
ldap.attr.employeeNumber=employeeNumber
# LDAP attribute for mail.
ldap.attr.mail=mail
# LDAP attribute for telephone number.
ldap.attr.telephoneNumber=telephoneNumber

	// 1. Collect all LDAP users with active creds.
	allCreds := sys.store.GetSTSAndServiceAccounts()
	// List of unique LDAP (parent) user DNs that have active creds
	var parentUserActualDNList []string
	// Map of LDAP user (internal representation) to list of active credential objects
	parentUserToCredsMap := make(map[string][]auth.Credentials)
	// DN to ldap username mapping for each LDAP user

		}
		targetGroups = requestorGroups

		// In case of LDAP/OIDC we need to set `opts.claims` to ensure
		// it is associated with the LDAP/OIDC user properly.
		for k, v := range cred.Claims {
			if k == expClaim {
				continue
			}
			opts.claims[k] = v
		}
	} else if globalIAMSys.LDAPConfig.Enabled() {
		// In case of LDAP we need to resolve the targetUser to a DN and
		// query their groups:

	},
	ErrAdminLDAPNotEnabled: {
		Code:           "XMinioLDAPNotEnabled",
		Description:    "LDAP is not enabled. LDAP must be enabled to make LDAP requests.",
		HTTPStatusCode: http.StatusNotImplemented,
	},
	ErrAdminLDAPExpectedLoginName: {
		Code:           "XMinioLDAPExpectedLoginName",
		Description:    "Expected LDAP short username but was given full DN.",
		HTTPStatusCode: http.StatusBadRequest,
	},

labels.general_menu_suggest=Предложения
labels.general_menu_ldap=LDAP
labels.general_menu_notification=Уведомление
labels.general_storage=Хранилище
labels.ldapProviderUrl=URL-адрес LDAP
labels.ldapSecurityPrincipal=DN пользователя
labels.ldapAdminSecurityPrincipal=DN привязки
labels.ldapAdminSecurityCredentials=Пароль
labels.ldapBaseDn=Базовый DN
labels.ldap_provider_url=URL-адрес LDAP
labels.ldap_security_principal=DN пользователя

//
// If a group is passed, it returns policies associated with the group.
//
// If a user is passed, it returns policies of the user along with any groups
// that the server knows the user is a member of.
//
// In LDAP users mode, the server does not store any group membership
// information in IAM (i.e sys.iam*Map) - this info is stored only in the STS
// generated credentials. Thus we skip looking up group memberships, user map,

github.com/go-jose/go-jose/v4 v4.1.0 h1:cYSYxd3pw5zd2FSXk2vGdn9igQU2PS8MuxrCOCl0FdY=
github.com/go-jose/go-jose/v4 v4.1.0/go.mod h1:GG/vqmYm3Von2nYiB2vGTXzdoNKE5tix5tuc6iAd+sw=
github.com/go-ldap/ldap/v3 v3.4.11 h1:4k0Yxweg+a3OyBLjdYn5OKglv18JNvfDykSoI8bW0gU=
github.com/go-ldap/ldap/v3 v3.4.11/go.mod h1:bY7t0FLK8OAVpp/vV6sSlpz3EQDGcQwc8pF0ujLgKvM=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=

                return queryParser;
            }
        };
        File file = File.createTempFile("test", ".properties");
        file.deleteOnExit();
        FileUtil.writeBytes(file.getAbsolutePath(), "ldap.security.principal=******@****.***".getBytes("UTF-8"));
        DynamicProperties systemProps = new DynamicProperties(file);
        ComponentUtil.register(systemProps, "systemProperties");

        setSystemProperty(Constants.LDAP_INITIAL_CONTEXT_FACTORY, value);
    }

    default String getLdapInitialContextFactory() {
        return getSystemProperty(Constants.LDAP_INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    }

    default void setLdapSecurityAuthentication(final String value) {
        setSystemProperty(Constants.LDAP_SECURITY_AUTHENTICATION, value);
    }