Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 16 of 16 for ldapUser (0.03 sec)

  2. github.com/minio/minio

    cmd/admin-handlers-idp-ldap.go 

    			selfDN = cred.ParentUser
		}
		dnList = append(dnList, selfDN)
	}

	var ldapUserList []string
	if isAll {
		ldapUsers, err := globalIAMSys.ListLDAPUsers(ctx)
		if err != nil {
			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
			return
		}
		for user := range ldapUsers {
			ldapUserList = append(ldapUserList, user)
		}
	} else {
		for _, userDN := range dnList {
			// Validate the userDN
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 08 02:46:04 UTC 2025
    - 19.2K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/site-replication.go 

    	}

	// Extract the username and lookup DN and groups in LDAP.
	ldapUser, isLDAPSTS := claims.Lookup(ldapUserN)
	if isLDAPSTS {
		// Need to lookup the groups from LDAP.
		_, ldapGroups, err := globalIAMSys.LDAPConfig.LookupUserDN(ldapUser)
		if err != nil {
			return fmt.Errorf("unable to query LDAP server for %s: %w", ldapUser, err)
		}

		cred.Groups = ldapGroups
	}
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 184.7K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/admin-handlers-users.go 

    		// query their groups:
		opts.claims[ldapUserN] = targetUser // simple username
		var lookupResult *xldap.DNSearchResult
		lookupResult, targetGroups, err = globalIAMSys.LDAPConfig.LookupUserDN(targetUser)
		if err != nil {
			writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
			return
		}
		targetUser = lookupResult.NormDN
		opts.claims[ldapUser] = targetUser // username DN
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 90.6K bytes
    - Viewed (0)
  5. github.com/minio/minio

    cmd/sts-handlers_test.go 

            "groups": ["cn=project.c,ou=groups,OU=swengg,DC=min,DC=io", "cn=projecty,ou=groups,ou=hwengg,dc=min,dc=io"],
        "claims": {
            "accessKey": "u4ccRswj62HV3Ifwima7",
            "ldapUser": "uid=svc.algorithm,ou=swengg,dc=min,dc=io",
            "ldapUsername": "svc.algorithm",
            "parent": "uid=svc.algorithm,ou=swengg,dc=min,dc=io",
            "sa-policy": "inherited-policy"
        },
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 100.2K bytes
    - Viewed (1)
  6. github.com/minio/minio

    cmd/iam.go 

    		if err != nil {
			return nil, err
		}
		ldapUsers := make(map[string]madmin.UserInfo, len(stsMap))
		for user, policy := range stsMap {
			ldapUsers[user] = madmin.UserInfo{
				PolicyName: policy,
				Status:     statusEnabled,
			}
		}
		return ldapUsers, nil
	case <-ctx.Done():
		return nil, ctx.Err()
	}
}

type cleanEntitiesQuery struct {
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Fri Aug 29 02:39:48 UTC 2025
    - 75.3K bytes
    - Viewed (0)
  7. github.com/minio/minio

    docs/multi-user/README.md 

    	}
  ]
}
```

If the user is authenticating using an STS credential which was authorized from AD/LDAP we allow `ldap:*` variables.

Currently supports

- `ldap:username`
- `ldap:user`
- `ldap:groups`

Following example shows LDAP users full programmatic access to a LDAP user-specific directory (their own "home directory") in MinIO.

```
{
  "Version": "2012-10-17",
  "Statement": [
    Registered: Sun Sep 07 19:28:11 UTC 2025
    - Last Modified: Tue Aug 12 18:20:36 UTC 2025
    - 8.2K bytes
    - Viewed (0)
Back to top