MinIO Identity and Access Management: Part 3 - Interfacing with OpenID and LDAP

Рет қаралды 2,201

Жыл бұрын

This is the third video of six focused on Identity and Access Management (IAM) using MinIO's built in administration tools. These tools control access to objects on your MinIO server. Access Management includes the granting of permissions to an authenticated application. Identity is the verification of "who" a connecting application is and their right to claim that identity.
The first three videos in the series provide an overview of MinIO's identity and access management functions, the second set of three videos demonstrate these functions in a lab setting. This specific video is focused on interfacing with OpenID and LDAP to manage access to MinIO.
MinIO is an open-source object storage server released under the GNU AGPL v3 license. It's compatible with Amazon S3, making it a great choice for deploying your storage infrastructure on Kubernetes.
Connect with us:
Website: min.io/
LinkedIn: / minio-inc-
Twitter: / minio
Docs: min.io/docs/minio/kubernetes/...
Slack: minio.slack.com/
#ObjectStorage #MultiCloud #CloudNative #Kubernetes #ObjectStore

Пікірлер: 8

@user-eb6yl6si2v 11 ай бұрын

Hi everyone, I have a question, I could connect ldap with my MinIO deployment, and I could attach a polity to a group, but those users can´t get all Console menue. I try several policy with all type of form but with no success

@MINIO 11 ай бұрын

If they're able to log in to the console but have no access to any menu items, then it is likely that the group mapping isn't working as expected. Try mapping a single user first, just to ensure you're able to do the mapping. LDAP groups can be tricky. Make sure your group identification matches what your LDAP server is providing.

@Sai-oe4yc 10 ай бұрын

Hi Everyone, I have a question I am unable to Configure MinIO for Authentication using OpenID. Can I use the Azure AD Client secret and client ID I don't how to get the config URL. I have tried with Azure AD client ID and secret and used tenant ID in the config URL. Can anyone please help me with this?

@MINIO 10 ай бұрын

Have you tried either login.microsoftonline.com/{aad-tenant}/.well-known/openid-configuration or login.microsoftonline.com/common/v2.0/.well-known/openid-configuration as the config URL? For the first one, you'll need to replace {aad-tenant} with your tenant ID.

@Sai-oe4yc 10 ай бұрын

@@MINIO I have tried it but I am getting an error as "Unable to generate ARN from the OpenID config: Invalid resource ID: _YyshBQgJ8zWgMbChFaZQOJN-Sg "

@MINIO 9 ай бұрын

Sorry for the delay here. Unfortunately, this forum isn't the best for this level of detailed support. If I had to guess, I'd say there's an issue with the resource ID not mapping back to Azure AD, but I can't really troubleshoot more than that. I would suggest, at this point, to try our community support on slack.min.io, or opening a ticket on SUBNET.

@jean-baptistearchange3321 18 күн бұрын

Helllo, I get this error mc: Unable to set 'identity_ldap server_addr=localhost:389' to server. LDAP Server Connection Error: Could not connect to LDAP server: LDAP Result Code 200 "Network Error": EOF.

@MINIO 16 күн бұрын

That's likely a network error.