- Type: Task
- Resolution: Done
- Priority: Major - P3
- Affects Version/s: 3.4.0
- Component/s: Server
- Labels: None
During a recent consult helping a customer configure the new 3.4 LDAP authentication against AD, we discovered a few doc issues with the tutorial https://docs.mongodb.com/manual/tutorial/authenticate-nativeldap-activedirectory/
1. First, there is a JSON parsing error in:
userToDNMapping: '[ { match: "(.+)" ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})" } ]'
There needs to be a comma after the match: "(.+)":
userToDNMapping: '[ { match: "(.+)", ldapQuery: "DC=example,DC=com??sub?(userPrincipalName={0})" } ]'
2. In the sample command to authenticate via the mongo shell there are a couple of typos:
It should be authenticationMechanism, not authenticationMechanisms, which is the mongod/mongos parameter. Then we had to remove the single quotes around PLAIN and $external and not have = signs. The full command which worked through the Windows command prompt should be:
mongo --username sam@DBA.EXAMPLE.COM --password secret123 --authenticationMechanism PLAIN --authenticationDatabase $external --host <hostname> --port <port>