LDAP config: fix substitution variables (#11586)

- In username search filter and username format variables we support %s for
replacing with the username.

- In group search filter we support %s for username and %d for the full DN of
the username.
Aditya Manthramurthy
2021-02-22 13:20:36 -08:00
committed by GitHub
parent cec12f4c76
commit 02e7de6367
2 changed files with 9 additions and 2 deletions


@@ -123,7 +123,13 @@ export MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY=on
### Variable substitution in AD/LDAP configuration strings ###
`%s` is replaced with *username* automatically for construction bind_dn, search_filter and group_search_filter.
In the configuration variables, `%s` is substituted with the *username* from the STS request and `%d` is substituted with the *distinguished username (user DN)* of the LDAP user. Please see the following table for which configuration variables support these substitution variables:
| Variable | Supported substitutions |
|---------------------------------------------|-------------------------|
| `MINIO_IDENTITY_LDAP_USERNAME_FORMAT` | `%s` |
| `MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER` | `%s` |
| `MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER` | `%s` and `%d` |
## Managing User/Group Access Policy
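Review bot: the new paragraph above the table says `%s` is taken from the username in the STS request, but it does not say whether that value, or the user DN substituted for `%d`, is escaped for LDAP filter syntax before it is placed into `MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER` and `MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER`. Since the value is request-supplied and ends up inside a search filter, please add one sentence stating how special filter characters in the username are handled, so operators know whether a filter such as one built around `%s` needs any extra care. The code side of this change is not visible in this hunk, so the doc is the only place a reader can learn this. Two smaller wording points in the same paragraph: "distinguished username (user DN)" would read better as "distinguished name (DN) of the user", which is the standard LDAP term, and the table would be easier to apply with one short example value per variable, particularly for the group filter that accepts both `%s` and `%d`.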