mc admin idp ldap policy
Changed in version RELEASE.2023-05-26T23-31-54Z: mc admin idp ldap policy and its subcommands replaced by mc idp ldap policy.
Description
The mc admin idp ldap policy command allows you to view the mapping relationships between policies and the associated groups or users.
The mc admin idp ldap policy command has the following subcommands:
Subcommand |
Description |
|---|---|
Attach a policy to an entity |
|
Detach a policy from an entity |
|
List policy entity mappings |
Syntax
- attach
Attach one or more polices to entity.
The following example attaches two policies,
policy1andpolicy2, to theprojectbgroup on themyminiodeployment.mc admin idp ldap policy attach myminio/ \ policy1 \ policy2 \ --group='cn=projectb,ou=groups,ou=swengg,dc=min,dc=io'
The following example attaches the policy,
userpolicy, to the userbobfisheron themyminiodeployment.mc admin idp ldap policy attach myminio/ \ mypolicy \ policy2 \ --user='uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io'
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap policy attach \ POLICYNAME \ [POLICY2] ... \ ALIAS \ [--user=`USER`] \ [--group=`GROUP`]
Replace
ALIASwith the alias of a MinIO deployment to configure for AD/LDAP integration.Replace
POLICYNAMEwith the policy to attach to the entity. You may list multiple policies to attach to the entity.Use must use one of either the
--useror--groupflag. You may only use the flag once in the command. You cannot use both flags in the same command.
- detach
Detach one or more policies from an entity.
The following example detaches two policies,
policy1andpolicy2, from theprojectbgroup on themyminiodeployment.mc admin idp ldap policy detach myminio/ \ policy1 \ policy2 \ --group='cn=projectb,ou=groups,ou=swengg,dc=min,dc=io'
The following example detaches the policy,
userpolicy, from the userbobfisheron themyminiodeployment.mc admin idp ldap policy detach myminio/ \ mypolicy \ policy2 \ --user='uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io'
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap policy detach \ POLICYNAME \ [POLICY2] ... \ ALIAS \ [--user=`USER`] \ [--group=`GROUP`]
Replace
ALIASwith the alias of a MinIO deployment to configure for AD/LDAP integration.Replace
POLICYNAMEwith the policy to detach from the entity. You may list multiple policies to detach from the entity.Use must use one of either the
--useror--groupflag. You may only use the flag once in the command. You cannot use both flags in the same command.
- entities
Display a list of mappings for a user, group, and/or policy.
The following example lists all mappings for a specific policy, a set of groups, and a selection of users on the
myminiodeployment.Specifically, it lists - Users mapped to the
finteam-policypolicy. - Policies assigned to theuid=bobfisher,ou=people,ou=hwengg,dc=min,dc=iouser - Policies assigned to thecn=projectb,ou=groups,ou=swengg,dc=min,dc=iogroupmc admin idp ldap policy entities myminio/ \ --policy finteam-policy \ --user 'uid=bobfisher,ou=people,ou=hwengg,dc=min,dc=io' \ --group 'cn=projectb,ou=groups,ou=swengg,dc=min,dc=io'
The command has the following syntax:
mc [GLOBALFLAGS] admin idp ldap policy entities \ ALIAS \ [--user `value`, -u `value`] \ [--group `value`, -g `value`] \ [--policy value]
Replace
ALIASwith the alias of a MinIO deployment to configure for AD/LDAP integration.You may use each of the
--user,--group, and/or--policyflags as many times as desired in the command.For each flag, the output lists the entities mapped to the specified policy, user, or group.
Omit all flags to return a list of mappings for all policies.
Global Flags
This command supports any of the global flags.
