Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-37155

Improve the LDAP server logging

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 3.6.6
    • 3.6.11, 4.0.7, 4.1.7
    • Logging
    • None
    • Fully Compatible
    • v4.0, v3.6
    • Security 2018-12-17, Security 2018-12-31

    Description

      Currently the LDAP server is always reported as default in MongoDB Enterprise Server logs, for example:

      2018-09-14T14:14:17.481-0700 D ACCESS   [conn3] LDAPAPIInfo: { ldapai_info_version: 1, ldapai_api_version: 3001, ldap_protocol_ver
      sion: 3, ldapai_extensions: [X_OPENLDAP], ldapai_vendor_name: OpenLDAP, ldapai_vendor_version: 20444}
      2018-09-14T14:14:17.481-0700 D ACCESS   [conn3] Binding to LDAP server "default" with bind parameters: {BindDN: mdb, authenticationType: simple}
      2018-09-14T14:14:37.503-0700 E ACCESS   [conn3] Failed to bind to LDAP server at default: Can't contact LDAP server. Bind parameters were: {BindDN: mdb, authenticationType: simple}
      2018-09-14T14:14:37.503-0700 I ACCESS   [conn3] PLAIN authentication failed for mdb on $external from client 10.211.55.20:37728 ; OperationFailed: LDAP bind failed with error: Can't contact LDAP server
      

      This makes the investigations unnecessary complicated, especially if a customer is using many LDAP server behind a single hostname - I've seen up to 33 hosts.

      We need to log the IP address (and a hostname) of LDAP server which we're currently talking to.

      Attachments

        Issue Links

          Activity

            People

              isabella.siu@mongodb.com Isabella Siu (Inactive)
              andrey.brindeyev@mongodb.com Andrey Brindeyev
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: