Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.3.1, Server_Docs_20231030, Server_Docs_20231106, Server_Docs_20231105, Server_Docs_20231113, Server_Docs_20240319
Affects Version/s: None
Component/s: manual, Server
Labels:
None

Epic Link:
DOCS: 4.4 Server Release Work

Description

Description:

The ldapQueryPassword setParameter now accepts either a string or an array of strings as password for running LDAP queries. If set to an array of passwords, it will try each one until one succeeds. This can be used to perform a rollover of the LDAP account's password without downtime for mongodb.

Engineering Ticket Description:

When an externally stored password for the LDAP service account gets changed, MongoDB Enterprise Server must somehow be able to obtain the fresh password. This can be accomplished by allowing it to know multiple potential passwords for service accounts in order to enable rotation.

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)

documents

SERVER-40442 Re-fetch an externally stored password when LDAP bind fails using a service account

Closed

Assignee:: Zachary Carr

Reporter:: Kay Kim (Inactive)

Participants:: Githook User, Kay Kim, Zachary Carr

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: Jun 07 2019 08:09:15 PM UTC

Updated:: Mar 20 2024 04:52:31 PM UTC

Resolved:: Aug 11 2020 09:38:12 PM UTC

Days since reply:: 3 years, 36 weeks, 2 days ago

Details

Description

Description

Description:

Engineering Ticket Description:

Scope of changes

Impact to Other Docs

MVP (Work and Date)

Resources (Scope or Design Docs, Invision, etc.)

Attachments

Issue Links

Activity

People

Dates