diff --git a/source/includes/common-minio-tiering.rst b/source/includes/common-minio-tiering.rst index db47cc6f..17a61b5b 100644 --- a/source/includes/common-minio-tiering.rst +++ b/source/includes/common-minio-tiering.rst @@ -75,7 +75,7 @@ secret key as per your organizations best practices for password generation. wget -O - https://min.io/docs/minio/linux/examples/LifecycleManagementAdmin.json | \ mc admin policy create Alpha LifecycleAdminPolicy /dev/stdin - mc admin user create Alpha alphaLifecycleAdmin LongRandomSecretKey + mc admin user add Alpha alphaLifecycleAdmin LongRandomSecretKey mc admin policy attach Alpha LifecycleAdminPolicy --user=alphaLifecycleAdmin This example assumes that the specified diff --git a/source/includes/common-replication.rst b/source/includes/common-replication.rst index ebd88ed4..e6b75033 100644 --- a/source/includes/common-replication.rst +++ b/source/includes/common-replication.rst @@ -73,7 +73,7 @@ Bucket replication requires specific permissions on the source and destination d wget -O - https://min.io/docs/minio/linux/examples/ReplicationAdminPolicy.json | \ mc admin policy create TARGET ReplicationAdminPolicy /dev/stdin - mc admin user create TARGET ReplicationAdmin LongRandomSecretKey + mc admin user add TARGET ReplicationAdmin LongRandomSecretKey mc admin policy attach TARGET ReplicationAdminPolicy --user=ReplicationAdmin MinIO deployments configured for :ref:`Active Directory/LDAP ` or :ref:`OpenID Connect ` user management should instead create a dedicated :ref:`access keys ` for bucket replication. @@ -100,7 +100,7 @@ Bucket replication requires specific permissions on the source and destination d wget -O - https://min.io/docs/minio/linux/examples/ReplicationRemoteUserPolicy.json | \ mc admin policy create TARGET ReplicationRemoteUserPolicy /dev/stdin - mc admin user create TARGET ReplicationRemoteUser LongRandomSecretKey + mc admin user add TARGET ReplicationRemoteUser LongRandomSecretKey mc admin policy attach TARGET ReplicationRemoteUserPolicy --user=ReplicationRemoteUser MinIO deployments configured for :ref:`Active Directory/LDAP ` or :ref:`OpenID Connect ` user management should instead create a dedicated :ref:`access keys ` for bucket replication. diff --git a/source/includes/k8s/steps-configure-ad-ldap-external-identity-management.rst b/source/includes/k8s/steps-configure-ad-ldap-external-identity-management.rst index 44027c69..3cef1213 100644 --- a/source/includes/k8s/steps-configure-ad-ldap-external-identity-management.rst +++ b/source/includes/k8s/steps-configure-ad-ldap-external-identity-management.rst @@ -81,7 +81,7 @@ You must explicitly assign MinIO policies to a given user or group Distinguished The following example assumes an existing :ref:`alias ` configured for the MinIO Tenant. -Use the :mc-cmd:`mc idp ldap policy attach` command to assign a user or group DN to an existing MinIO Policy: +Use the :mc:`mc idp ldap policy attach` command to assign a user or group DN to an existing MinIO Policy: .. code-block:: shell :class: copyable diff --git a/source/operations/external-iam.rst b/source/operations/external-iam.rst index b9b88d16..3548c214 100644 --- a/source/operations/external-iam.rst +++ b/source/operations/external-iam.rst @@ -117,7 +117,7 @@ MinIO uses :ref:`Policy Based Access Control (PBAC) ` t When using an Active Directory/LDAP server for identity management (authentication), MinIO maintains control over access (authorization) through PBAC. When a user successfully authenticates to MinIO using their AD/LDAP credentials, MinIO searches for all :ref:`policies ` which are explicitly associated to that user's Distinguished Name (DN). -Specifically, the policy must be assigned to a user with a matching DN using the :mc-cmd:`mc idp ldap policy attach` command. +Specifically, the policy must be assigned to a user with a matching DN using the :mc:`mc idp ldap policy attach` command. MinIO also supports querying for the user's AD/LDAP group membership. MinIO attempts to match existing policies to the DN for each of the user's groups. diff --git a/source/operations/external-iam/configure-ad-ldap-external-identity-management.rst b/source/operations/external-iam/configure-ad-ldap-external-identity-management.rst index bb2fe9b5..361a7371 100644 --- a/source/operations/external-iam/configure-ad-ldap-external-identity-management.rst +++ b/source/operations/external-iam/configure-ad-ldap-external-identity-management.rst @@ -279,7 +279,7 @@ Disable a Configured Active Directory / LDAP Connection You can enable and disable the configured AD/LDAP connection as needed. -Use :mc-cmd:`mc idp ldap disable` to deactivate a configured connection. -Use :mc-cmd:`mc idp ldap enable` to activate a previously configured connection. +Use :mc:`mc idp ldap disable` to deactivate a configured connection. +Use :mc:`mc idp ldap enable` to activate a previously configured connection. You may also enable or disable AD/LDAP from the :ref:`MinIO Console `. diff --git a/source/operations/install-deploy-manage/decommission-server-pool.rst b/source/operations/install-deploy-manage/decommission-server-pool.rst index 13b5858b..8857d817 100644 --- a/source/operations/install-deploy-manage/decommission-server-pool.rst +++ b/source/operations/install-deploy-manage/decommission-server-pool.rst @@ -171,7 +171,7 @@ Starting with :minio-release:`RELEASE.2023-05-27T05-56-19Z`, decommissioning ign This avoids creating empty metadata on the remaining server pool(s) for objects that are effectively fully deleted. Starting with :minio-release:`RELEASE.2023-06-23T20-26-00Z`, decommissioning also ignores object versions which have expired based on the configured :ref:`lifecycle rules ` for the parent bucket. -Starting with :minio-release:`RELEASE.2023-06-29T05-12-28Z`, you can monitor ignored delete markers and expired objects during the decommission process with :mc:`mc admin trace --call decommission `. +Starting with :minio-release:`RELEASE.2023-06-29T05-12-28Z`, you can monitor ignored delete markers and expired objects during the decommission process with :mc-cmd:`mc admin trace --call decommission `. Once the decommissioning process completes, you can safely shut down that pool. Since the only remaining data was scheduled for deletion *or* was only a ``DeleteMarker``, you can safely clear or destroy those drives as per your internal procedures.