Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-32933

Allow mongod to start when unable to reach LDAP server

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Critical - P2
    • Resolution: Fixed
    • Affects Version/s: 3.4.10, 3.6.2
    • Fix Version/s: 3.4.14, 3.6.3, 3.7.2
    • Component/s: Security
    • Labels:
    • Backwards Compatibility:
      Fully Compatible
    • Backport Requested:
      v3.6, v3.4
    • Sprint:
      Platforms 2018-01-29, Platforms 2018-02-12

      Description

      When using "SCRAM-SHA-1, PLAIN" as your authentication mechanism it would be desirable for mongod to start and continue to run, regardless of the state of the LDAP server since SCRAM users will still be able to authenticate. Currently there is a check on startup of mongod that will prevent the server from starting when the LDAP server can not be validated.

      2018-01-26T17:09:40.763+0000 I CONTROL  [main] ***** SERVER RESTARTED *****
      2018-01-26T17:09:44.649+0000 E ACCESS   [main] Failed to bind to LDAP server at default: Can't contact LDAP server. Bind parameters were: {BindDN: cn=read-only-admin,dc=example,dc=com, authenticationType: simple}
      2018-01-26T17:09:44.649+0000 F CONTROL  [main] Failed global initialization: FailedToParse: Can't connect to the specified LDAP servers, error: LDAP bind failed with error: Can't contact LDAP server
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: