Enabling Secondary Group Lists with LDAP

Enable the lookup of secondary group lists from an LDAP server for a File Storage export.

Using secondary group lists requires additional configuration and several prerequisites. For more information, see Using LDAP for Authorization.

1. Open the navigation menu and click Storage. Under File Storage, click Mount Targets.
2. In the List scope section, under Compartment, select a compartment.
3. Click the name of the mount target that contains the export for which you want to enable secondary group lookup.
4. On the mount target's details page, under Exports, click the name of the export that you want to update.
5. On the export's details page, click Edit next to Use LDAP for group list.
6. In the Edit Use LDAP for group list dialog box, select Use LDAP for group list and click Save.
Use the fs export update command and include the --is-idmap-groups-for-sys-auth parameter to update an export to use LDAP:
oci fs export update --export-id <export_OCID> --is-idmap-groups-for-sys-auth true
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the UpdateExport operation with the isIdmapGroupsForSysAuth parameter to update an export.

For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.