minio/docs
1
0
Fork 0
mirror of https://github.com/minio/docs.git synced 2025-08-06 14:42:56 +03:00
Code Activity
Files
relax-event-restriction
docs/source/includes/common-minio-ad-ldap-params.rst
Daryl White 529e67dc7e Changes for several issues related to SFTP and LDAP (#1252) 
- Adds info the docs about recent changes to LDAP and SFTP
authentication
- Adds new config/envvar parameter
- Adds new sftp option for server
- Adds new example for forcing ldap or sa auth to SFTP
- Adds new example for using certificate authority for auth to SFTP

Closes #1240
Closes #1229
Closes #1226
Closes #1208
2024-07-15 14:30:19 -04:00

5.7 KiB
Raw Permalink Blame History

server_addr

This parameter corresponds with the MINIO_IDENTITY_LDAP_SERVER_ADDR environment variable.

lookup_bind_dn

This parameter corresponds with the MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN environment variable.

lookup_bind_password

This parameter corresponds with the MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD environment variable.

user_dn_attributes

user_dn_search_base_dn

This parameter corresponds with the MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN environment variable.

user_dn_search_filter

This parameter corresponds with the MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER environment variable.

comment

This parameter corresponds with the MINIO_IDENTITY_LDAP_COMMENT environment variable.

enabled

Set to false to disable the AD/LDAP configuration.

If false, applications cannot generate STS credentials or otherwise authenticate to MinIO using the configured provider.

Defaults to true or "enabled".

group_search_base_dn

This parameter corresponds with the MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN environment variable.

group_search_filter

This parameter corresponds with the MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER environment variable.

server_insecure

This parameter corresponds with the MINIO_IDENTITY_LDAP_SERVER_INSECURE environment variable.

server_starttls

This parameter corresponds with the MINIO_IDENTITY_LDAP_SERVER_STARTTLS environment variable.

srv_record_name

RELEASE.2022-12-12T19-27-27Z

This parameter corresponds with the MINIO_IDENTITY_LDAP_SRV_RECORD_NAME environment variable.

tls_skip_verify

This parameter corresponds with the MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY environment variable.

This command works against access keys <minio-id-access-keys> created by an AD/LDAP user after authenticating to MinIO.

Create AD/LDAP service accounts with the mc idp ldap accesskey create command.

Authenticated users can manage their own long-term Access Keys using the MinIO Console <minio-console-user-access-keys>. MinIO supports using AssumeRoleWithLDAPIdentity <minio-sts-assumerolewithldapidentity> to generate temporary access keys using the Security Token Service <minio-security-token-service>.