Return group DN instead of group name in LDAP STS (#11501)

- Additionally, check if the user or their groups has a policy attached during the STS call. - Remove the group name attribute configuration value.
2025-11-24 03:27:44 -05:00 · 2021-02-10 16:52:49 -08:00
parent 881f98e511
commit 466e95bb59
5 changed files with 30 additions and 38 deletions
--- a/cmd/config/identity/ldap/help.go
+++ b/cmd/config/identity/ldap/help.go
@@ -68,12 +68,6 @@ var (
 			Optional:    true,
 			Type:        "string",
 		},
-		config.HelpKV{
-			Key:         GroupNameAttribute,
-			Description: `search attribute for group name e.g. "cn"`,
-			Optional:    true,
-			Type:        "string",
-		},
 		config.HelpKV{
 			Key:         GroupSearchBaseDN,
 			Description: `";" separated list of group search base DNs e.g. "dc=myldapserver,dc=com"`,