github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/config/identity/ldap/help.go (about)

     1  // Copyright (c) 2015-2021 MinIO, Inc.
     2  //
     3  // This file is part of MinIO Object Storage stack
     4  //
     5  // This program is free software: you can redistribute it and/or modify
     6  // it under the terms of the GNU Affero General Public License as published by
     7  // the Free Software Foundation, either version 3 of the License, or
     8  // (at your option) any later version.
     9  //
    10  // This program is distributed in the hope that it will be useful
    11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13  // GNU Affero General Public License for more details.
    14  //
    15  // You should have received a copy of the GNU Affero General Public License
    16  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17  
    18  package ldap
    19  
    20  import "github.com/minio/minio/internal/config"
    21  
// defaultHelpPostfix returns whatever suffix config.DefaultHelpPostfix
// produces for key when looked up against this package's DefaultKVS.
// The LDAP key descriptions below append it.
var defaultHelpPostfix = func(key string) string {
	return config.DefaultHelpPostfix(DefaultKVS, key)
}

// Help is the help template for the LDAP identity feature: one entry per
// configuration key, giving its description, value type and whether it is
// optional.
//
// NOTE(review): the Sensitive and Secret flags presumably control how a
// value is redacted or stored when configuration is displayed or exported.
// Confirm against config.HelpKV before relying on them. Only the server
// address, the lookup bind DN and the lookup bind password are flagged;
// search base DNs and filters are not.
var Help = config.HelpKVS{
	// Directory endpoint; flagged Sensitive.
	{
		Key:         ServerAddr,
		Description: `AD/LDAP server address e.g. "myldap.com" or "myldapserver.com:636"` + defaultHelpPostfix(ServerAddr),
		Type:        "address",
		Sensitive:   true,
	},
	// Sensitive is left at its zero value (false) for this key.
	{
		Key:         SRVRecordName,
		Description: `DNS SRV record name for LDAP service, if given, must be one of "ldap", "ldaps" or "on"` + defaultHelpPostfix(SRVRecordName),
		Optional:    true,
		Type:        "string",
	},
	// Identity of the lookup service account. The description calls for a
	// read-only account, which limits what a leaked credential can do.
	{
		Key:         LookupBindDN,
		Description: `DN for LDAP read-only service account used to perform DN and group lookups` + defaultHelpPostfix(LookupBindDN),
		Optional:    true,
		Type:        "string",
		Sensitive:   true,
	},
	// The only entry flagged Secret as well as Sensitive.
	{
		Key:         LookupBindPassword,
		Description: `Password for LDAP read-only service account used to perform DN and group lookups` + defaultHelpPostfix(LookupBindPassword),
		Optional:    true,
		Type:        "string",
		Sensitive:   true,
		Secret:      true,
	},
	{
		Key:         UserDNSearchBaseDN,
		Description: `";" separated list of user search base DNs e.g. "dc=myldapserver,dc=com"` + defaultHelpPostfix(UserDNSearchBaseDN),
		Optional:    true,
		Type:        "list",
	},
	// NOTE(review): the code that substitutes a user-supplied name into
	// this filter is not in this file. Confirm that it escapes LDAP
	// filter metacharacters before substitution.
	{
		Key:         UserDNSearchFilter,
		Description: `Search filter to lookup user DN` + defaultHelpPostfix(UserDNSearchFilter),
		Optional:    true,
		Type:        "string",
	},
	// The example carries a %s placeholder; the escaping note on the user
	// DN filter applies to whatever value replaces it.
	{
		Key:         GroupSearchFilter,
		Description: `search filter for groups e.g. "(&(objectclass=groupOfNames)(memberUid=%s))"` + defaultHelpPostfix(GroupSearchFilter),
		Optional:    true,
		Type:        "string",
	},
	{
		Key:         GroupSearchBaseDN,
		Description: `";" separated list of group search base DNs e.g. "dc=myldapserver,dc=com"` + defaultHelpPostfix(GroupSearchBaseDN),
		Optional:    true,
		Type:        "list",
	},
	// Per its description, enabling this trusts the server without
	// certificate verification, so the directory's identity is not
	// authenticated and the bind credentials can reach an impersonating
	// host. Deployments should leave it off and install the CA instead.
	{
		Key:         TLSSkipVerify,
		Description: `trust server TLS without verification` + defaultHelpPostfix(TLSSkipVerify),
		Optional:    true,
		Type:        "on|off",
	},
	// Per its description, enabling this allows a plain-text connection.
	// Bind DNs, passwords and lookup results then cross the network
	// unencrypted.
	{
		Key:         ServerInsecure,
		Description: `allow plain text connection to AD/LDAP server` + defaultHelpPostfix(ServerInsecure),
		Optional:    true,
		Type:        "on|off",
	},
	{
		Key:         ServerStartTLS,
		Description: `use StartTLS connection to AD/LDAP server` + defaultHelpPostfix(ServerStartTLS),
		Optional:    true,
		Type:        "on|off",
	},
	// Free-form comment entry; uses the shared default description rather
	// than the LDAP-specific postfix.
	{
		Key:         config.Comment,
		Description: config.DefaultComment,
		Optional:    true,
		Type:        "sentence",
	},
}