mirror of https://github.com/minio/minio.git
3212d0c8cd
Existing IAM import logic for LDAP creates new mappings when the normalized form of the mapping key differs from the existing mapping key in storage. This change effectively replaces the existing mapping key by first deleting it and then recreating with the normalized form of the mapping key. For e.g. if an older deployment had a policy mapped to a user DN - `UID=alice1,OU=people,OU=hwengg,DC=min,DC=io` instead of adding a mapping for the normalized form - `uid=alice1,ou=people,ou=hwengg,dc=min,dc=io` we should replace the existing mapping. This ensures that duplicates mappings won't remain after the import. Some additional cleanup cases are also covered. If there are multiple mappings for the name normalized key such as: `UID=alice1,OU=people,OU=hwengg,DC=min,DC=io` `uid=alice1,ou=people,ou=hwengg,DC=min,DC=io` `uid=alice1,ou=people,ou=hwengg,dc=min,dc=io` we check if the list of policies mapped to all these keys are exactly the same, and if so remove all of them and create a single mapping with the normalized key. However, if the policies mapped to such keys differ, the import operation returns an error as the server cannot automatically pick the "right" list of policies to map. |
||
|---|---|---|
| .. | ||
| mint | ||
| multipart | ||
| depsreview.yaml | ||
| go-cross.yml | ||
| go-fips.yml | ||
| go-healing.yml | ||
| go-lint.yml | ||
| go.yml | ||
| helm-lint.yml | ||
| iam-integrations.yaml | ||
| issues.yaml | ||
| lock.yml | ||
| mint.yml | ||
| replication.yaml | ||
| root-disable.yml | ||
| root.cert | ||
| root.key | ||
| run-mint.sh | ||
| shfmt.yml | ||
| typos.yml | ||
| upgrade-ci-cd.yaml | ||
| vulncheck.yml | ||