Details
Task
Resolution: Done
Major - P3
3.4.0
None
Description
During a recent consult helping a customer configure the new 3.4 LDAP authentication against AD, we discovered a few doc issues with the tutorial https://docs.mongodb.com/manual/tutorial/authenticate-nativeldap-activedirectory/
First, there is a JSON parsing error in
    userToDNMapping:
      '[
        {
          match: "(.+)"
          ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})"
        }
      ]'
There needs to be a comma after the match: "(.+)"
    userToDNMapping:
      '[
        {
          match: "(.+)",
          ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})"
        }
      ]'
2. In the sample command to authenticate via the mongo shell there are a couple typos:
It should be authenticationMechanism, not authenticationMechanisms, which is the mongod/mongos parameter. Then we had to remove the single quotes around PLAIN and $external and not have = signs. The full command which worked through the Windows command prompt should be:

    mongo --username sam@DBA.EXAMPLE.COM --password secret123 --authenticationMechanism PLAIN --authenticationDatabase $external --host <hostname> --port <port>
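A pre-flight check for the mapping string discussed in this ticket, as an added example that is not part of the original report or of MongoDB's code. It assumes the relaxed form shown above (bare keys) can be approximated by quoting keys and using Python's `json` and `re` modules, which are not MongoDB's parser or regex engine; the rule-shape check follows the documented userToDNMapping format, and `lint_mapping` and `expand` are hypothetical helper names.

```python
import json
import re

# Constructed input: the mapping string as quoted in the ticket (comma missing).
BROKEN = """[
  {
    match: "(.+)"
    ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})"
  }
]"""
FIXED = BROKEN.replace('match: "(.+)"', 'match: "(.+)",')

# Assumption: bare keys right after "{" or "," are the only relaxation needed.
BARE_KEY = re.compile(r'([{,]\s*)([A-Za-z_]\w*)(\s*:)')


def lint_mapping(text):
    """Return (rules, errors); rules is None when the string does not parse."""
    try:
        rules = json.loads(BARE_KEY.sub(r'\1"\2"\3', text))
    except json.JSONDecodeError as exc:
        return None, [f"line {exc.lineno}, column {exc.colno}: {exc.msg}"]
    if not isinstance(rules, list):
        return None, ["top level must be an array of rule documents"]
    errors = []
    for i, rule in enumerate(rules):
        if not isinstance(rule, dict) or not isinstance(rule.get("match"), str):
            errors.append(f"rule {i}: 'match' must be a regex string")
            continue
        if ("substitution" in rule) == ("ldapQuery" in rule):
            errors.append(f"rule {i}: need exactly one of substitution/ldapQuery")
        try:
            re.compile(rule["match"])
        except re.error as exc:
            errors.append(f"rule {i}: bad regex: {exc}")
    return rules, errors


def expand(rules, username):
    """Apply the first matching rule; {N} is the (N+1)th capture group."""
    for rule in rules:
        m = re.search(rule["match"], username)
        if m:
            key = "ldapQuery" if "ldapQuery" in rule else "substitution"
            fill = lambda p: m.group(int(p.group(1)) + 1)
            return key, re.sub(r"\{(\d+)\}", fill, rule[key])
    return None
```

Running `lint_mapping` on the string before it goes into the mongod configuration reports the missing comma with its line and column, and `expand` shows the LDAP query a given login name would produce.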