Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-12786

Docs for SERVER-40442: Re-fetch an externally stored password when LDAP bind fails using a service account

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 4.3.1
    • manual, Server
    • None

    Description

      Description

      Description:

      The ldapQueryPassword setParameter now accepts either a string or an array of strings as password for running LDAP queries. If set to an array of passwords, it will try each one until one succeeds. This can be used to perform a rollover of the LDAP account's password without downtime for mongodb.

      Engineering Ticket Description:

      When an externally stored password for the LDAP service account gets changed, MongoDB Enterprise Server must somehow be able to obtain the fresh password. This can be accomplished by allowing it to know multiple potential passwords for service accounts in order to enable rotation.

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Issue Links

          Activity

            People

              zach.carr@mongodb.com Zachary Carr
              kay.kim@mongodb.com Kay Kim (Inactive)
              Zachary Carr Zachary Carr
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                2 years, 7 weeks, 3 days ago