if: matrix.ldap == 'ldaphost:389'
        env:
          _MINIO_LDAP_TEST_SERVER: ${{ matrix.ldap }}
        run: |
          make test-iam-ldap-upgrade-import
      - name: Test LDAP for automatic site replication
        if: matrix.ldap == 'localhost:389'
        run: |
          make test-site-replication-ldap
      - name: Test OIDC for automatic site replication

	exit 1
fi

# Kill MinIO and LDAP to start afresh with missing groups/DN
pkill minio
docker rm -f $(docker ps -aq)
rm -rf /tmp/ldap{1..4}

# Deploy the LDAP config witg missing groups/DN
echo "Copying docs/distributed/samples/bootstrap-partial.ldif => minio-iam-testing/ldap/50-bootstrap.ldif"
cp docs/distributed/samples/bootstrap-partial.ldif minio-iam-testing/ldap/50-bootstrap.ldif || exit 1
cd ./minio-iam-testing

	"github.com/minio/madmin-go/v3"
	"github.com/minio/minio-go/v7/pkg/set"
	"github.com/minio/minio/internal/config"
	cfgldap "github.com/minio/minio/internal/config/identity/ldap"
	"github.com/minio/minio/internal/config/identity/openid"
	"github.com/minio/mux"
	"github.com/minio/pkg/v3/ldap"
	"github.com/minio/pkg/v3/policy"
)

func addOrUpdateIDPHandler(ctx context.Context, w http.ResponseWriter, r *http.Request, isUpdate bool) {

ldap.role.search.role.enabled=true

ldap.attr.surname=sn
ldap.attr.givenName=givenName
ldap.attr.employeeNumber=employeeNumber
ldap.attr.mail=mail
ldap.attr.telephoneNumber=telephoneNumber
ldap.attr.homePhone=homePhone
ldap.attr.homePostalAddress=homePostalAddress
ldap.attr.labeledURI=labeledURI
ldap.attr.roomNumber=roomNumber
ldap.attr.description=description
ldap.attr.title=title
ldap.attr.pager=pager

	@MINIO_API_REQUESTS_MAX=10000 GORACE=history_size=7 CGO_ENABLED=1 go test -timeout 15m -race -tags kqueue,dev -v -run TestIAM* ./cmd

test-iam-ldap-upgrade-import: install-race ## verify IAM (external LDAP IDP)
	@echo "Running upgrade tests for IAM (LDAP backend)"
	@env bash $(PWD)/buildscripts/minio-iam-ldap-upgrade-import-test.sh

test-iam-import-with-missing-entities: install-race ## test import of external iam config withg missing entities

	// 1. Collect all LDAP users with active creds.
	allCreds := sys.store.GetSTSAndServiceAccounts()
	// List of unique LDAP (parent) user DNs that have active creds
	var parentUserActualDNList []string
	// Map of LDAP user (internal representation) to list of active credential objects
	parentUserToCredsMap := make(map[string][]auth.Credentials)
	// DN to ldap username mapping for each LDAP user

// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package ldap

import (
	"github.com/minio/minio/internal/config"
)

// LegacyConfig contains AD/LDAP server connectivity information from old config
// V33.
type LegacyConfig struct {
	Enabled bool `json:"enabled"`

	// E.g. "ldap.minio.io:636"
	ServerAddr string `json:"serverAddr"`

	// User DN search parameters

    /** The key of the configuration. e.g. cn=%s */
    String LDAP_ADMIN_GROUP_FILTER = "ldap.admin.group.filter";

    /** The key of the configuration. e.g. ou=Group,dc=fess,dc=codelibs,dc=org */
    String LDAP_ADMIN_GROUP_BASE_DN = "ldap.admin.group.base.dn";

    /** The key of the configuration. e.g. groupOfNames */

				suite := testCase

				suite.SetUpSuite(c)

				suite.SFTPServiceAccountLogin(c)
				suite.SFTPInvalidServiceAccountPassword(c)

				// LDAP tests
				ldapServer := os.Getenv(EnvTestLDAPServer)
				if ldapServer == "" {
					c.Skipf("Skipping LDAP test as no LDAP server is provided via %s", EnvTestLDAPServer)
				}

				suite.SetUpLDAP(c, ldapServer)

				suite.SFTPFailedAuthDueToMissingPolicy(c)

| [**AD/LDAP**](https://github.com/minio/minio/blob/master/docs/sts/ldap.md)             | Let AD/LDAP users request temporary credentials using AD/LDAP username and password.                                                          |