`Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`,
	)

	ErrMissingEnvCredentialRootPassword = newErrFn(
		"Missing credential environment variable, \""+EnvRootPassword+"\"",
		"Environment variable \""+EnvRootPassword+"\" is missing",

	case syscall.O_WRONLY:
		access = syscall.GENERIC_WRITE
	case syscall.O_RDWR:
		fallthrough
	case syscall.O_RDWR | syscall.O_CREAT:
		fallthrough
	case syscall.O_WRONLY | syscall.O_CREAT:
		access = syscall.GENERIC_READ | syscall.GENERIC_WRITE
	case syscall.O_WRONLY | syscall.O_CREAT | syscall.O_APPEND:
		access = syscall.FILE_APPEND_DATA
	default:
		return nil, fmt.Errorf("Unsupported flag (%d)", flag)
	}

## API Request Parameters

### LDAPUsername

Is AD/LDAP username to login. Application must ask user for this value to successfully obtain rotating access credentials from AssumeRoleWithLDAPIdentity.

        activityHelper.access(OptionalThing.empty(), "/", "aaa");
        assertEquals("action:ACCESS\tuser:-\tpath:/\texecute:aaa", localLogMsg.get());

        activityHelper.access(createUser("testuser", new String[0]), "/aaa", "bbb");
        assertEquals("action:ACCESS\tuser:testuser\tpath:/aaa\texecute:bbb", localLogMsg.get());

  set -e ; # fail if we can't read the keys.
  ACCESS=$(cat /config/rootUser) ; SECRET=$(cat /config/rootPassword) ;
  set +e ; # The connections to minio are allowed to fail.
  echo "Connecting to MinIO server: $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT" ;
  MC_COMMAND="${MC} alias set myminio $SCHEME://$MINIO_ENDPOINT:$MINIO_PORT $ACCESS $SECRET" ;
  $MC_COMMAND ;
  STATUS=$? ;
  until [ $STATUS = 0 ]
  do

labels.boost_document_rule_url_expr=Condition
labels.boost_document_rule_boost_expr=Boost Expr
labels.boost_document_rule_sort_order=Sort Order
labels.access_token_configuration=Access Token
labels.access_token_title_details=Access Token
labels.access_token_list_name=Name
labels.access_token_name=Name
labels.access_token_token=Token
labels.access_token_expires=Expired
labels.access_token_parameter_name=Parameter Name

    DcerpcHandle handle;

    public SamrPolicyHandle(DcerpcHandle handle, String server, int access) throws IOException {
        this.handle = handle;
        if (server == null)
            server = "\\\\";
        MsrpcSamrConnect4 rpc = new MsrpcSamrConnect4(server, access, this);
        try {
            handle.sendrecv(rpc);
        } catch (DcerpcException de) {

The id_token received is a signed JSON Web Token (JWT). Use a JWT decoder to decode the id_token to access the payload of the token that includes following JWT claims, `policy` claim is mandatory and should be present as part of your JWT claim. Without this claim the generated credentials will not have access to any resources on the server, using these credentials application would receive 'Access Denied' errors.

  /** The HTTP {@code Access-Control-Allow-Headers} header field name. */
  public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
  /** The HTTP {@code Access-Control-Allow-Methods} header field name. */
  public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";
  /** The HTTP {@code Access-Control-Allow-Origin} header field name. */

 */

package jcifs.dcerpc.msrpc;


@SuppressWarnings ( "javadoc" )
public class MsrpcSamrConnect2 extends samr.SamrConnect2 {

    public MsrpcSamrConnect2 ( String server, int access, SamrPolicyHandle policyHandle ) {
        super(server, access, policyHandle);
        this.ptype = 0;
        this.flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
    }