091a321e32
First batch of mc deprecation cleanup: [x] Reorder section TOC: `mc` alphabetical, then `mc admin` alphabetical. [x] Standardize deprecation notice format and wording. [x] Move `mc admin top` to deprecated section. Staged http://192.241.195.202:9000/staging/DOCS-896-cleanup-mc-admin-top/linux/reference/minio-mc-deprecated.html Partially addresses https://github.com/minio/docs/issues/896
9.5 KiB
mc admin idp ldap
minio
Table of Contents
mc admin idp ldap
RELEASE.2023-05-26T23-31-54Z
mc admin idp ldap and its subcommands replaced by mc idp ldap.
Description
The mc admin idp ldap commands allow you to add,
modify, review, list, remove, enable, and disable server configurations
to 3rd party Active Directory or LDAP Identity and Access Management (IAM) integrations <minio-external-identity-management-ad-ldap>.
Define configuration settings as an alternative to using environment
variables when setting up an AD/LDAP connection <minio-authenticate-using-ad-ldap-generic>.
Note
Configuration settings do not override settings configured as environment variables.
The mc admin idp ldap command has the following
subcommands:
| Subcommand | Description |
|---|---|
mc admin idp ldap add |
Create an AD/LDAP IDP server configuration. |
mc admin idp ldap update |
Modify an existing AD/LDAP IDP server configuration. |
mc admin idp ldap ls |
Lists AD/LDAP server configurations. |
mc admin idp ldap rm |
Remove an AD/LDAP IDP server configuration from a deployment. |
mc admin idp ldap info |
Displays details for a specific AD/LDAP server configuration. |
mc admin idp ldap enable |
Enables an AD/LDAP server configuration. |
mc admin idp ldap disable |
Disables an AD/LDAP server configuration. |
mc admin idp ldap policy entities |
List policy association entities |
Configuration Parameters
The mc admin idp ldap subcommands support configuration
parameters. The parameters define the server's interaction with the
Active Directory or LDAP IAM provider.
For a more detailed explanation of the configuration parameters,
refer to the config setting documentation <minio-ldap-config-settings>.
Syntax
add
Create a new configuration for an AD/LDAP provider. MinIO supports no more than one (1) AD/LDAP provider per deployment.
EXAMPLE
The following example sets the AD/LDAP configuration settings for the
myminio deployment.
mc admin idp ldap add \
myminio \
server_addr=myldapserver:636 \
lookup_bind_dn=cn=admin,dc=min,dc=io \
lookup_bind_password=somesecret \
user_dn_search_base_dn=dc=min,dc=io \
user_dn_search_filter="(uid=%s)" \
group_search_base_dn=ou=swengg,dc=min,dc=io \
group_search_filter="(&(objectclass=groupofnames)(member=%d))" SYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap add \
ALIAS \
[CFG_PARAM1] \
[CFG_PARAM2]...- Replace
ALIASwith thealias <alias>of a MinIO deployment to create for AD/LDAP integration. - Replace the
[CFG_PARAM#]with each of theconfiguration setting <minio-ldap-config-settings>key-value pairs in the format ofPARAMETER="value".
update
Modify an existing set of configurations for an AD/LDAP provider.
EXAMPLE
The following example changes two of the AD/LDAP configuration
settings for the myminio deployment.
mc admin idp ldap update \
myminio \
lookup_bind_dn=cn=admin,dc=min,dc=io \
lookup_bind_password=somesecret SYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap update \
ALIAS \
[CFG_PARAM1] \
[CFG_PARAM2]...- Replace
ALIASwith thealias <alias>of a MinIO deployment to update for AD/LDAP integration. - Replace the
[CFG_PARAM#]with each of theconfiguration setting <minio-ldap-config-settings>key-value pairs to update in the format ofPARAMETER="value".
ls, list
Lists the existing set of configurations for an AD/LDAP provider.
EXAMPLE
The following example lists the AD/LDAP configuration settings for
the myminio deployment.
mc admin idp ldap ls myminio SYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap ls ALIAS- Replace
ALIASwith thealias <alias>of a MinIO deployment to list the AD/LDAP integration.
rm, remove
Remove the existing configuration for an AD/LDAP provider.
EXAMPLE
The following example removes the AD/LDAP provider settings for the
myminio deployment.
mc admin idp ldap rm myminio SYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap rm \
ALIAS- Replace
ALIASwith thealias <alias>of a MinIO deployment to remove the AD/LDAP integration.
info
Outputs the current configuration for an AD/LDAP provider on a specified MinIO deployment.
EXAMPLE
The following example outputs the AD/LDAP configuration settings on
the myminio deployment.
mc admin idp ldap info myminioSYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap info \
ALIAS- Replace
ALIASwith thealias <alias>of a MinIO deployment to retrieve info on the AD/LDAP integration.
enable
Enables the currently configured AD/LDAP provider.
EXAMPLE
The following example enables the AD/LDAP configuration on the
myminio deployment.
mc admin idp ldap enable \
myminioSYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap enable \
ALIAS- Replace
ALIASwith thealias <alias>of a MinIO deployment to enable the AD/LDAP integration.
disable
Disables the currently configured AD/LDAP provider.
EXAMPLE
The following example disables the AD/LDAP configurations on the
myminio deployment.
mc admin idp ldap disable \
myminioSYNTAX
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap disable \
ALIAS- Replace
ALIASwith thealias <alias>of a MinIO deployment to disable the AD/LDAP integration.