Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-37155

Improve the LDAP server logging

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 3.6.6
    • Fix Version/s: 3.6.11, 4.0.7, 4.1.7
    • Component/s: Logging
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Backport Requested:
      v4.0, v3.6
    • Sprint:
      Security 2018-12-17, Security 2018-12-31
    • Case:

      Description

      Currently the LDAP server is always reported as default in MongoDB Enterprise Server logs, for example:

      2018-09-14T14:14:17.481-0700 D ACCESS   [conn3] LDAPAPIInfo: { ldapai_info_version: 1, ldapai_api_version: 3001, ldap_protocol_ver
      sion: 3, ldapai_extensions: [X_OPENLDAP], ldapai_vendor_name: OpenLDAP, ldapai_vendor_version: 20444}
      2018-09-14T14:14:17.481-0700 D ACCESS   [conn3] Binding to LDAP server "default" with bind parameters: {BindDN: mdb, authenticationType: simple}
      2018-09-14T14:14:37.503-0700 E ACCESS   [conn3] Failed to bind to LDAP server at default: Can't contact LDAP server. Bind parameters were: {BindDN: mdb, authenticationType: simple}
      2018-09-14T14:14:37.503-0700 I ACCESS   [conn3] PLAIN authentication failed for mdb on $external from client 10.211.55.20:37728 ; OperationFailed: LDAP bind failed with error: Can't contact LDAP server
      

      This makes the investigations unnecessary complicated, especially if a customer is using many LDAP server behind a single hostname - I've seen up to 33 hosts.

      We need to log the IP address (and a hostname) of LDAP server which we're currently talking to.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              isabella.siu Isabella Siu
              Reporter:
              andrey.brindeyev Andrey Brindeev
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: