Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-2445

Provide sample LDAP, MongoDB user/role mapping sync script

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Won't Fix
    • None
    • mongodb-2.6
    • manual
    • None

    Description

      MongoDB 2.6 will integrate LDAP authentication, allowing users to authenticate in MongoDB through a call to LDAP. MongoDB 2.6, however, will not automate syncing of MongoDB user and role mappings between MongoDB and LDAP; customers will still have to manually update user credentials within MongoDB.

      To simplify this, MongoDB will provide a sample script that will allow users to synch changes made to LDAP user and role mappings with their corresponding definitions in MongoDB. The script will be provided to work with a simple LDAP hierarchy that defines a MongoDB group and underlying users:

      LDAP Organization - acme
      LDAP MongoDB Group - MongoDB_dbAdminAnyDatabase
      LDAP MongoDB User - Bob Jones

      Users can then customize to meet their specific LDAP structures or requirements.

      Functional requirements and proposed test plan is here:

      https://docs.google.com/a/10gen.com/document/d/1s64LFwniLKMUlL_xs2Z1xOvIfVVD7fYEaYyPwaz_h8Y/edit?usp=sharing

      Attachments

        1. david-ldap.ldif
          2 kB
        2. ldap users.png
          ldap users.png
          98 kB

        Issue Links

          depends on

          New Feature - A new feature of the product, which has yet to be developed. RUBY-614 Implement SASL PLAIN Authentication Support (LDAP)

          • Major - P3 - Major loss of function.
          • Closed
          has to be done after

          New Feature - A new feature of the product, which has yet to be developed. DRIVERS-103 Manipulate user objects exclusively via commands

          • Major - P3 - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. RUBY-530 Implement GSSAPI (Kerberos) Authentication Support

          • Major - P3 - Major loss of function.
          • Closed
          related to

          New Feature - A new feature of the product, which has yet to be developed. SERVER-9530 LDAP Support for User Role Resolution

          • Major - P3 - Major loss of function.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. SERVER-12303 Group, Role-based Authentication/Authorization via LDAP, Active Directory

          • Major - P3 - Major loss of function.
          • Closed

          Activity

            People

              david.hows David Hows
              rob.young@10gen.com Rob Young (Inactive)
              Jess Mokrzecki Jess Mokrzecki
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                9 years, 28 weeks, 6 days ago