LDAP Group Provider

Enable user-group mapping using the LDAP group provider.

Usage

License Required

This module requires a Starburst distribution and license.

Provision the module:

minitrino -e CLUSTER_VER=${version}-e provision -i starburst -m ldap-group-provider

Connect to the coordinator container’s Trino CLI as the admin user:

minitrino exec -i 'trino-cli --user admin'

Display the groups for the current user via current_groups():

SELECT current_groups();
-- [clusteradmins]

The group provider maps groups to users regardless of authentication.

Without auth:

minitrino exec -i 'trino-cli --user test'

SELECT current_groups();
-- [clusteradmins, metadata-users, platform-users]

With auth:

minitrino exec -i \
    'trino-cli --server https://minitrino:8443 \
    --insecure --user admin --password'

SELECT current_groups();
-- [clusteradmins]

Group Mapping

Group	Users
clusteradmins	admin, cachesvc, test
metadata-users	metadata-user, bob, test
platform-users	platform-user, alice, test

Dependent Modules

• ldap: Required for LDAP users/groups.