Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-35566

setParameter.saslauthdPath no longer defaults to /var/run/saslauthd/mux

XMLWordPrintableJSON

    • Fully Compatible
    • ALL
    • v4.0
    • Hide

      Start MongoDB 4.0.0-rc4 with LDAP: mongod --dbpath=db1 --setParameter authenticationMechanisms=PLAIN

      Connect via the shell and attempt to authenticate:

      MongoDB Enterprise > use $external
switched to db $external
MongoDB Enterprise > db.auth({mechanism: "PLAIN", user: "user", pwd: "supersecure", digestPassword: false})
Error: Authentication failed.
0
      Show
      Start MongoDB 4.0.0-rc4 with LDAP: mongod --dbpath=db1 --setParameter authenticationMechanisms=PLAIN Connect via the shell and attempt to authenticate: MongoDB Enterprise > use $external switched to db $external MongoDB Enterprise > db.auth({mechanism: "PLAIN", user: "user", pwd: "supersecure", digestPassword: false}) Error: Authentication failed. 0
    • Platforms 2018-06-18

      I've noticed, that when using LDAP with saslauthd, saslauthdPath no longer defaults to /var/run/saslauthd/mux starting in MongoDB 4.0.

      Authenticating using LDAP fails and I get the following error messages in the log:

      2018-06-12T20:18:41.076+0000 E ACCESS   [conn1] Failed to bind to LDAP server at default: Can't contact LDAP server. Bind parameters were: {BindDN: automation-agent, authenticationType: simple}
2018-06-12T20:18:41.076+0000 I ACCESS   [conn1] SASL PLAIN authentication failed for automation-agent on $external from client 127.0.0.1:43584 ; OperationFailed: LDAP bind failed with error: Can't contact LDAP server

      I am able to authenticate successfully if I downgrade to MongoDB 3.6 or specify saslauthdPath.

      This is problematic for users upgrading existing LDAP deployments that do not specify saslauthdPath and depend on it defaulting to /var/run/saslauthd/mux. Such deployments will break upon upgrading to MongoDB 4.0

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            tim.olsen@mongodb.com Timothy Olsen (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: